Michal Remper, CCIE#8151 Systems Engineerpalo/Rozne/cisco-expo/2006/... · Best Practices for LEAP...

Page 1

© 2005 Cisco Systems, Inc. All rights reserved. WLAN_Sec

Wireless Campus Network Security

Michal Remper, CCIE#8151, Systems Engineer, [email protected]

Page 2

Agenda

• WLAN Security Overview

• WLAN Security Vulnerabilities and Threats

• WLAN Security Authentication and Encryption

• Centralized Wireless Deployment

• Wireless IDS

• Summary

Page 3

Why Is WLAN Security Important?

• Do not rely on basic WEP encryption; enterprise-class security is required (WPA, EAP/802.1x protocols, Wireless IDS, VLANs/SSIDs, etc.)

• Employees will install WLAN equipment on their own (compromising the security of your entire network)
  - Out-of-the-box configuration of APs: all security features are disabled!

• Business impact of stolen data: potential financial and legal consequences (laws protect data confidentiality; example: healthcare)

Slide callouts: Hackers; Lessons: "War Driving"; Vulnerabilities: Employees

Page 4

WLAN Security Vulnerabilities and Threats

• Different forms of vulnerabilities and threats exist
  - Encryption vulnerabilities: WEP
  - Authentication vulnerabilities: Shared-Key authentication, dictionary attacks, and MITM attacks
  - WLAN sniffing and SSID broadcasting
  - Address spoofing: MAC-address spoofing and IP-address spoofing (both hostile/outsider attacks as well as insider attacks)
  - Misconfigured APs and clients
  - Denial of Service (DoS) attacks: using 802.11 deauthentication/disassociation frames, RF jamming, etc.

Page 5

WEP Vulnerabilities

• 802.11 Static-WEP is flawed: passive attacks
  - The RC4 key scheduling algorithm uses a 24-bit Initialization Vector (IV) and the encryption keys are not rotated
  - Practical tools that implement the FMS attack (example: AirSnort) can uncover the WEP key after capturing 1,000,000 packets
  - This is about ~17 minutes to compromise the WEP key in a busy network!
  - This attack is passive; all the attack tool needs to do is "listen" to the WLAN (i.e. sniff WLAN packets)

• 802.11 Static-WEP is flawed: active attacks
  - Does not protect the integrity of WLAN user data
  - Several forms of attack are possible: replay attacks, bit-flipping attacks, etc.

Page 6

Authentication Vulnerabilities

• Shared Key Authentication is flawed!
  - The AP challenges the WLAN user with a plaintext challenge to ensure possession of a valid encryption key
  - An attacker can obtain the key stream: plaintext challenge XOR ciphertext = key stream
  - Not recommended for deployment!

• Dictionary attacks
  - On-line (active) attacks: active attack to compromise passwords or pass-phrases
  - Off-line attacks: passive attack to compromise passwords or pass-phrases

• MITM attacks
  - Active attacks where the attacker inserts himself in the middle of the authentication sequence
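The two weaknesses on page 5 (a static key behind a 24-bit IV) and page 6 (a plaintext challenge answered with its ciphertext) are the same fact seen twice: a stream cipher keystream that is exposed or reused. The Python below is an added example, not part of the original slides. It stands in a SHA-256 counter-mode keystream for RC4 (an assumption so that it runs on the standard library alone) and uses constructed key, IV and challenge values; the property it shows holds for any stream cipher whose (key, IV) pair repeats.

```python
import hashlib
from itertools import count


def toy_keystream(key: bytes, iv: bytes, length: int) -> bytes:
    """Deterministic keystream for a (key, IV) pair.

    Stand-in for RC4 built from SHA-256 in counter mode so the example runs on
    the standard library alone (assumption: a toy, not WEP's real cipher). The
    weakness shown below holds for any stream cipher whose (key, IV) repeats.
    """
    out = bytearray()
    for block in count():
        out += hashlib.sha256(key + iv + block.to_bytes(4, "big")).digest()
        if len(out) >= length:
            return bytes(out[:length])


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def encrypt(key: bytes, iv: bytes, plaintext: bytes) -> bytes:
    """WEP-style frame body: plaintext XOR keystream(key, IV); the IV travels in clear."""
    return xor(plaintext, toy_keystream(key, iv, len(plaintext)))


def keystream_from_shared_key_auth(challenge: bytes, response: bytes) -> bytes:
    """Page 6: the AP sends the challenge in plaintext and the client returns it
    encrypted, so plaintext challenge XOR ciphertext = key stream for that IV."""
    return xor(challenge, response)


def plaintext_xor_from_iv_reuse(ct1: bytes, ct2: bytes) -> bytes:
    """Page 5: two frames under the same static key and 24-bit IV share a
    keystream; XORing the ciphertexts cancels it and leaves P1 XOR P2."""
    return xor(ct1, ct2)


def demo() -> dict:
    key = b"static-wep-key"             # constructed; never rotated, as with static WEP
    iv = (12345).to_bytes(3, "big")      # 24-bit IV, so only 2**24 values before reuse
    challenge = b"A" * 16                # constructed challenge (real WEP uses 128 bytes)

    # Shared Key Authentication exposes a (challenge, response) pair for this IV.
    response = encrypt(key, iv, challenge)
    ks = keystream_from_shared_key_auth(challenge, response)

    # Any later frame sent under the same IV is readable with that keystream,
    # which is why the slide says "not recommended for deployment".
    secret = b"GET /payroll.csv"
    recovered = xor(encrypt(key, iv, secret), ks)

    # IV collision view: an observer who sees two frames with one IV learns P1 XOR P2.
    p1, p2 = b"hello world!", b"HELLO WORLD!"
    leak = plaintext_xor_from_iv_reuse(encrypt(key, iv, p1), encrypt(key, iv, p2))

    return {
        "keystream_matches": ks == toy_keystream(key, iv, len(challenge)),
        "recovered": recovered,
        "leak_equals_p1_xor_p2": leak == xor(p1, p2),
        "iv_space": 2 ** 24,
    }


if __name__ == "__main__":
    print(demo())
```

Nothing in `demo()` ever touches the key: the observer needs only frames that the protocol itself puts on the air. That is the reason the later pages move to 802.1X-derived per-session keys with TKIP or AES instead of a static key and a 24-bit IV.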

Page 7

What Is a Dictionary Attack Tool?

• What is a dictionary?
  - Contains variations of passwords
  - Weak passwords can be cracked using standard dictionaries (found easily in various Internet discussion forums and web sites)

• Success factors for this tool depend on:
  - Whether a variation of the user's password is found in the dictionary used by the attacker
  - The attacker's experience and knowledge in generating dictionaries
  - Password strength: a weak six-character password will be easily compromised compared to a strong ten-letter password
  - The attacker's dictionary strength determines whether the password can be compromised

Page 8

Cisco LEAP: Off-line Dictionary Attack

• Cisco LEAP is based on the MS-CHAP architecture
  - No "salt" is used (along with the NT hash) in the challenge/response (i.e. the encryption process is not "randomized")
  - Weak DES key selection in the challenge/response
  - Username sent in the clear

• Off-line (passive) dictionary attacks are possible. Assumptions:
  - The attacker needs to be in the vicinity of your building (to sniff the clear-text EAP message exchange)
  - The attacker is knowledgeable enough to carry out advanced dictionary attacks: can compile/customize penetration tool(s) and has experience in carrying out dictionary attacks

• An off-line dictionary attack depends on a few variables:
  - Password policy
  - Processing power available to the attacker
  - Efficiency of the attacker's algorithm

Page 9

Man-in-the-Middle Exploits

• Man-in-the-Middle exploits are attacks in which the attacker poses as the network to clients and as a client to the network
  - The attacker attempts to obtain security credentials or the security key by intercepting credentials

[Diagram: Wireless Station – MiTM Attacker – Access Point – EAP Server; the EAP request, EAP reply and EAPOL key messages pass through the MiTM attacker]

Page 10

MiTM Exploits

• Current implementations have some MiTM vulnerability
  - EAP-FAST is considered vulnerable to MiTM ONLY during the authentication phase
  - PEAP is considered vulnerable to MiTM if the client accepts the same EAP transaction type inside and outside the tunnel

• Defenses against MiTM exploits
  - In order to mount a Man-in-the-Middle exploit, you must pose as a valid infrastructure network
  - Easily detected/contained with common rogue AP detection mechanisms
  - Cryptographic binding of authentication exchanges (EAP-FAST, PEAPv2) mitigates MiTM risks

Note: The problem with potential MiTM attacks is described in the PEAP v2 IETF Draft document: http://www.ietf.org/internet-drafts/draft-josefsson-pppext-eap-tls-eap-10.txt

Page 11

WLAN Sniffing and SSID Broadcasting

Disabling SSID broadcast should not be considered a security mechanism: potential attackers can uncover your SSID by observing probe responses!

Page 12

Address Spoofing

• MAC address and IP address spoofing are possible in WLAN networks

• Outsider (hostile) attack scenario
  - IP address spoofing is NOT possible if encryption is turned on (DHCP messages are encrypted between the client and the AP)
  - MAC address spoofing alone (i.e. without IP address spoofing) may not buy much if encryption is turned on

• Insider attack scenario
  - MAC address and IP address spoofing will NOT succeed if EAP/802.1x authentication is used (a unique encryption key is derived per user, i.e. per MAC address)

[Diagram: Access Point and Authorized Client; the attacker sniffs the client's MAC address and IP address, then injects packets into the WLAN using the client's MAC/IP address]

Page 13

Who Installs Rogue APs? "Focus on the Frustrated Insider"

Frustrated insider ("Jones from Accounting"; >99.9% of rogue APs)
• User that installs a wireless AP in order to benefit from the increased efficiency and convenience it offers
• Common because of the wide availability of low-cost APs
• Usually ignorant of AP security configuration; the default configuration is most common

Malicious hacker (<0.1% of rogue APs)
• Penetrates physical security specifically to install a rogue AP
• Can customize the AP to hide it from detection tools
• Hard to detect; more effective to prevent via 802.1x and physical security
• More likely to install a LINUX box than an AP

Page 14

Denial of Service (DoS) Attacks

• RF jamming
  - A simple RF jamming transmitter (example: a microwave or cordless phone next to an AP)

• DoS attacks using 802.11 management frames
  - 802.11 management frames are NOT authenticated between the AP and the clients
  - Anyone can spoof a client's MAC address and send an 802.11 management frame on behalf of that client

• 802.1x authentication flooding
  - An attacker can send a flood of 802.1x authentication requests to the AP
  - This causes the AP to process unnecessary authentication frames
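Page 13 makes rogue APs a detection problem, page 10 says a MiTM attacker has to pose as valid infrastructure and is caught by the same rogue-AP detection, and page 14 explains that management frames are unauthenticated, so a deauthentication flood can only be spotted by its rate. The Python below is an added example, not part of the original slides: a minimal wireless IDS pass over a constructed capture of management frames. The BSSID inventory, the SSID, the frame-log format and the `window`/`threshold` values are all assumptions made for the example.

```python
from collections import defaultdict, deque

# Constructed inventory: BSSIDs of the APs we actually deployed.
AUTHORIZED_BSSIDS = {"00:11:22:33:44:01", "00:11:22:33:44:02"}
CORPORATE_SSIDS = {"CORP"}

# Constructed capture, one management frame per line:
# "<seconds> <frame type> <source MAC> <BSSID> <SSID or ->"
CAPTURE = [
    "0.000 beacon 00:11:22:33:44:01 00:11:22:33:44:01 CORP",
    "0.103 beacon 02:de:ad:be:ef:01 02:de:ad:be:ef:01 CORP",      # unknown AP using our SSID
    "0.200 beacon 00:11:22:33:44:02 00:11:22:33:44:02 CORP",
    "0.250 beacon 0a:bb:cc:dd:ee:ff 0a:bb:cc:dd:ee:ff linksys",   # consumer AP, default SSID
    "0.400 deauth 00:11:22:33:44:01 00:11:22:33:44:01 -",         # a lone deauth is normal
] + [
    # 30 deauth frames in 0.3 s carrying our AP's address: a flood. Because
    # management frames are unauthenticated the source address proves nothing.
    f"{1.0 + i * 0.01:.3f} deauth 00:11:22:33:44:01 00:11:22:33:44:01 -" for i in range(30)
]


def parse(lines):
    """Turn capture lines into (timestamp, frame type, source, bssid, ssid) tuples."""
    frames = []
    for line in lines:
        ts, ftype, src, bssid, ssid = line.split()
        frames.append((float(ts), ftype, src, bssid, None if ssid == "-" else ssid))
    return frames


def find_rogue_aps(frames):
    """Page 13 / page 10: any beacon or probe response from a BSSID we did not
    deploy is a rogue; one that advertises our SSID is the MITM/evil-twin case."""
    rogues = {}
    for _, ftype, _, bssid, ssid in frames:
        if ftype not in ("beacon", "probe_resp") or bssid in AUTHORIZED_BSSIDS:
            continue
        if ssid in CORPORATE_SSIDS:
            rogues[bssid] = "unknown BSSID advertising corporate SSID (possible MITM)"
        else:
            rogues[bssid] = f"unauthorized AP advertising '{ssid}'"
    return rogues


def detect_deauth_floods(frames, window=1.0, threshold=10):
    """Page 14: deauth/disassoc frames are not authenticated, so detection is
    rate-based: more than `threshold` frames from one address within `window`
    seconds raises one alert per address."""
    recent = defaultdict(deque)
    alerts, alerted = [], set()
    for ts, ftype, src, _, _ in frames:
        if ftype not in ("deauth", "disassoc"):
            continue
        q = recent[src]
        q.append(ts)
        while ts - q[0] > window:          # drop timestamps that left the window
            q.popleft()
        if len(q) > threshold and src not in alerted:
            alerted.add(src)
            alerts.append((src, ts, len(q)))
    return alerts


def run(lines=CAPTURE):
    frames = parse(lines)
    return find_rogue_aps(frames), detect_deauth_floods(frames)


if __name__ == "__main__":
    rogues, floods = run()
    for bssid, why in rogues.items():
        print(f"ROGUE  {bssid}: {why}")
    for src, ts, n in floods:
        print(f"FLOOD  {src}: {n} deauth frames within 1 s at t={ts:.3f}")
```

The rogue check is an inventory comparison, which is why page 13's "frustrated insider" with a default-configured consumer AP is the easy case and the deliberately hidden AP is not. The flood check deliberately keys on the spoofed address and the rate rather than trying to authenticate the frames, since on this generation of 802.11 there is nothing in a management frame to authenticate.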

Page 15

Basic Requirements to Secure Wireless LANs

• Encryption algorithm: mechanism to provide data privacy
• Message integrity: ensures data frames are tamper-free and truly originate from the source address
• Authentication framework: framework to carry authentication messages between clients, access point, and AAA server
• Authentication algorithm: mechanism to validate client credentials

Page 16

Basic Requirements to Secure Wireless LANs

Encryption and Data Privacy
  Encryption Algorithm      | TKIP-PPK or AES-CCM
  Message Integrity         | TKIP-MIC or AES-CBC-MAC

Authentication, Authorization, and Access Control
  Authentication Framework  | 802.1X/EAP
  Authentication Algorithm  | LEAP, PEAP, or EAP-FAST

Page 17

Wireless LAN Security Authentication and Encryption

• Technologies to secure wireless LANs
  - EAP/802.1x authentication protocols
  - Data encryption & message integrity: WPA, CKIP, WPA2

• EAP/802.1x with WPA/WPA2 deployment considerations
  - EAP supplicant availability

Page 18

802.1X Authentication Overview

• IEEE 802.11 Task Group i recommendation for WLAN authentication
• Supported by Cisco since December 2000
• Extensible and interoperable; supports:
  - Different EAP authentication methods or types
  - New encryption algorithms, including AES as a replacement for RC4
• Key benefits
  - Mutual authentication between client and authentication (RADIUS) server
  - Encryption keys derived after authentication
  - Centralized policy control, where session timeout triggers reauthentication and a new key

[Diagram: client – AP – RADIUS server – user database; Extensible Authentication Protocol (EAP) runs between client and RADIUS server, carried by RADIUS between the AP and the server]

Page 19

How does Extensible Authentication Protocol (EAP) authenticate clients?

[Diagram: WLAN Client – Access Point – RADIUS server – Corporate Network]
• The client associates. It cannot send data until EAP authentication completes: data from the client is blocked by the AP.
• EAP runs over 802.1x between the client and the AP, and over RADIUS between the AP and the RADIUS server.
• EAP authentication complete: the client sends data, and data from the client is passed by the AP.

Page 20

Cisco LEAP

• Client support
  - Windows 95-XP, Windows CE, Macintosh OS 9.X & 10.X, and Linux

• RADIUS server
  - Cisco ACS and Cisco AR
  - Local RADIUS on AP (12.2(13)) and ISR (12.3(11))
  - Funk Steel Belted Radius or Odyssey server products
  - Interlink Merit

• Microsoft Domain or Active Directory database (optional) for back-end authentication

• Device support
  - Workgroup Bridges (WGB 340 and 350)
  - Bridges (BR350, BR1400, and BR1300 series)
  - Cisco 2000 and 4000 Series controllers

Page 21

Cisco LEAP Authentication

[Diagram: Client – Access Point – RADIUS Server – NT/AD Controller]
• Start; Request Identity; Identity (the AP blocks all requests until authentication completes)
• Client authentication: the RADIUS server authenticates the client
• Server authentication: the client authenticates the RADIUS server
• Both sides derive the key
• Key management: WPA or CCKM key management is used
• Protected data session

Page 22

Best Practices for LEAP Deployment

• On-line dictionary attacks
  - Use policies on the RADIUS server to lock out a user after X number of login failures
  - Authentication failures may also be alarmed, and client 802.11 exclusion may be possible

• Off-line dictionary attacks
  - Use a strong password policy (minimum 10-character password)
  - Possible methods to overcome the "human limitation" for a strong password policy:
    - Separate MSFT AD user account & password for wireless access (i.e. WLAN authentication is decoupled from MSFT AD authentication)
    - The administrator should generate a strong password for WLAN authentication for each user
    - WLAN authentication user-id and strong password securely stored on the device

Page 23

Best Practices for LEAP Deployment

• Example strong password policy
  - Password should be a minimum of twelve characters
    Note: at least a minimum of ten characters is recommended for a strong password policy
    http://www.cisco.com/warp/public/707/cisco-sn-20030802-leap.shtml
    http://www.cisco.com/en/US/products/hw/wireless/ps430/prod_bulletin09186a00801cc901.html
  - A mixture of uppercase and lowercase letters
  - At least one numeric character (0-9) or non-alphanumeric character (example: !#@&)
  - No form of the user's name or user ID
  - A word that is not found in the dictionary (domestic or foreign)
  - Randomly generated passwords

• Example passwords to match the above policy
  - W1r3l3ss1sG00d (as in "WirelessisGood")
  - N3tw0rk3rsR0cks (as in "NetworkersRocks")
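The policy above can be enforced mechanically, and page 22's advice that the administrator generate each WLAN password can be implemented on top of the same check. The Python below is an added example, not part of the original slides: a checker for each rule of the policy, a rough entropy estimate that quantifies page 7's six-versus-ten-character comparison, and a CSPRNG-based generator that only returns policy-compliant passwords. The word list is a constructed stand-in for a real dictionary, and the substitution table used to undo "leet" spellings is an assumption of the example.

```python
import math
import re
import secrets
import string

# Constructed mini word list; a deployment would load full domestic and foreign dictionaries.
DICTIONARY = {"wireless", "password", "network", "networkers", "cisco", "welcome", "summer"}

# Common substitutions undone before the dictionary check, so that "P@ssw0rd"
# is still treated as the word "password" (assumption: a small, illustrative table).
LEET = str.maketrans({"0": "o", "1": "i", "3": "e", "4": "a", "5": "s", "7": "t",
                      "@": "a", "$": "s", "!": "i"})

SYMBOLS = "!#@&"   # the non-alphanumeric characters the slide gives as examples


def check_password(password, username, min_length=12):
    """Return the list of policy rules the password breaks (empty list = compliant)."""
    problems = []
    if len(password) < min_length:
        problems.append(f"shorter than {min_length} characters")
    if not (re.search(r"[A-Z]", password) and re.search(r"[a-z]", password)):
        problems.append("needs both uppercase and lowercase letters")
    if not re.search(r"[0-9]", password) and not re.search(r"[^A-Za-z0-9]", password):
        problems.append("needs a digit or a non-alphanumeric character")
    lowered = password.lower()
    name_parts = {username.lower(), *re.split(r"[.\s_@-]+", username.lower())}
    if any(len(p) >= 3 and p in lowered for p in name_parts):
        problems.append("contains a form of the user's name or user ID")
    if lowered in DICTIONARY or lowered.translate(LEET) in DICTIONARY:
        problems.append("is a dictionary word (even after undoing common substitutions)")
    return problems


def entropy_bits(password):
    """Rough strength estimate: length * log2(size of the character classes used)."""
    classes = [(str.islower, 26), (str.isupper, 26), (str.isdigit, 10)]
    size = sum(n for test, n in classes if any(test(c) for c in password))
    if any(not c.isalnum() for c in password):
        size += 32
    return len(password) * math.log2(size) if size else 0.0


def generate_password(length=14, username=""):
    """Page 22's 'administrator generates a strong password': draw from the
    CSPRNG until the result satisfies check_password."""
    alphabet = string.ascii_letters + string.digits + SYMBOLS
    while True:
        candidate = "".join(secrets.choice(alphabet) for _ in range(length))
        if not check_password(candidate, username):
            return candidate


if __name__ == "__main__":
    for pw in ("W1r3l3ss1sG00d", "N3tw0rk3rsR0cks", "W1r3l3ss", "Jones.Rocks2005!"):
        print(pw, check_password(pw, "a.jones") or "compliant", round(entropy_bits(pw), 1))
    print("generated:", generate_password(14, "a.jones"))
```

Undoing substitutions before the dictionary lookup is what makes the two slide examples pass for the right reason: "wirelessisgood" and "networkersrocks" are not dictionary words, whereas "W1r3l3ss" on its own normalises to "wireless" and is rejected even though it contains mixed case and digits.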

Page 24

EAP-FAST – Simple, Versatile, and Secure

[Diagram: EAP-TLS, PEAP-GTC, PEAP-MSCHAPv2 and EAP-TTLS alongside the EAP-FAST tunnel, which carries OTP, MSCHAPv2, certificate or UID/PW credentials to the AAA server]

• Strong authentication without the burden of cert management
• Simple to deploy
• Open standard, on the path to RFC: http://www.ietf.org/internet-drafts/draft-cam-winget-eap-fast-00.txt
• Robust support
  - Fast Roaming (CCKM)
  - IOS Local Authentication
  - Cisco NAC
• EAP-FAST establishes an encrypted tunnel between the client and the AAA server
  - The client and AAA can then securely use any credentials within the tunnel
  - Client stacks from Funk and Meetinghouse
  - CCXv4 includes support for EAP-FAST

Page 25

PAC High Level Description - Creation

[Diagram: Server (A-ID) holding the Master-Key; Client (I-ID); the PAC consists of PAC-Opaque (PAC-Key, I-ID, lifetime, ...), PAC-Key and PAC-Info (A-ID)]

• The server (A-ID) maintains a local key (Master-Key) which only the server knows.
• When a client I-ID requests a PAC from the server, the server generates a random, unique PAC-Key and a PAC-Opaque field for this client.
• The PAC-Opaque field contains the randomly generated PAC-Key along with other information such as the user identity (I-ID) and the key lifetime.
• PAC-Key, I-ID and lifetime in the PAC-Opaque field are encrypted with the Master-Key.
• The server also creates a PAC-Info field which contains the Authority Identity (A-ID).
• A PAC consists of PAC-Opaque, PAC-Key and also PAC-Info.

Page 26

PAC High Level Description - Creation

[Diagram: the PAC (PAC-Opaque, PAC-Key, PAC-Info: A-ID) moves from the Server (A-ID, Master-Key) to the Client (I-ID)]

• PAC-Opaque, PAC-Key and also PAC-Info are returned to the client as the PAC.
• The server forgets the PAC.

Page 27

PAC High Level Description – Establish TLS

[Diagram: Server (A-ID, Master-Key) and Client (I-ID) holding the PAC (PAC-Opaque, PAC-Key, PAC-Info: A-ID); the A-ID is sent to the client and the PAC-Opaque is returned to the server]

• When an EAP-FAST session starts, the server sends its A-ID in the EAP-FAST start packet.
• The client selects a PAC based on the A-ID.
• The client returns the PAC-Opaque to the server.

Page 28

PAC High Level Description – Establish TLS

[Diagram: as on the previous page; the server now recovers PAC-Key, I-ID and lifetime from the PAC-Opaque using the Master-Key]

• When an EAP-FAST session starts, the server sends its A-ID in the EAP-FAST start packet.
• The client selects a PAC based on the A-ID.
• The client returns the PAC-Opaque to the server.
• The server decrypts PAC-Key, I-ID and lifetime in the PAC-Opaque using the Master-Key.
• Now the server and client possess the PAC-Key (as a shared secret) to establish the TLS tunnel.
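Pages 25 to 28 describe a stateless design: the server keeps one Master-Key, wraps each client's PAC-Key, I-ID and lifetime into a PAC-Opaque, forgets the PAC, and later recovers everything from the PAC-Opaque the client hands back. The Python below is an added example, not part of the original slides and not the EAP-FAST wire format: it models that flow with the standard library. The SHA-256 counter-mode keystream and HMAC-SHA256 tag stand in for the block-cipher encryption the real server would use (an assumption, as are the A-ID, I-ID and lifetime values and the field layout inside the opaque blob).

```python
import hashlib
import hmac
import os
import struct


def _stream(key, nonce, n):
    """Keystream from SHA-256 in counter mode (assumption: a stdlib stand-in for
    the block cipher a real EAP-FAST server would use to wrap PAC-Opaque)."""
    blocks = (hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest() for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]


def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


class PacServer:
    """Page 25: the server (A-ID) holds a Master-Key that only it knows."""

    def __init__(self, a_id: bytes, master_key: bytes):
        self.a_id = a_id
        # Separate encryption and integrity sub-keys derived from the Master-Key.
        self._enc_key = hashlib.sha256(master_key + b"pac-enc").digest()
        self._mac_key = hashlib.sha256(master_key + b"pac-mac").digest()

    def provision(self, i_id: bytes, lifetime_s: int, now: int) -> dict:
        """Pages 25-26: build a PAC for client I-ID, hand it over, keep no state."""
        pac_key = os.urandom(32)
        body = struct.pack(">IH", now + lifetime_s, len(i_id)) + i_id + pac_key
        nonce = os.urandom(16)
        ct = _xor(body, _stream(self._enc_key, nonce, len(body)))
        tag = hmac.new(self._mac_key, nonce + ct, hashlib.sha256).digest()
        # Nothing about this client is stored: "the server forgets the PAC".
        return {"PAC-Key": pac_key, "PAC-Opaque": nonce + ct + tag, "PAC-Info": {"A-ID": self.a_id}}

    def open_pac(self, pac_opaque: bytes, now: int):
        """Page 28: recover PAC-Key, I-ID and lifetime from PAC-Opaque with the Master-Key."""
        nonce, ct, tag = pac_opaque[:16], pac_opaque[16:-32], pac_opaque[-32:]
        expected = hmac.new(self._mac_key, nonce + ct, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            raise ValueError("PAC-Opaque integrity check failed")
        body = _xor(ct, _stream(self._enc_key, nonce, len(ct)))
        expiry, id_len = struct.unpack(">IH", body[:6])
        if now > expiry:
            raise ValueError("PAC lifetime expired")
        return body[6:6 + id_len], body[6 + id_len:]      # (I-ID, PAC-Key)


class PacClient:
    """Page 27: the client keeps one PAC per authority and picks it by A-ID."""

    def __init__(self, i_id: bytes):
        self.i_id = i_id
        self._pacs = {}

    def store(self, pac: dict):
        self._pacs[pac["PAC-Info"]["A-ID"]] = pac

    def select(self, a_id: bytes):
        return self._pacs.get(a_id)


def eap_fast_start(server: PacServer, client: PacClient, now: int):
    """Pages 27-28: server sends A-ID, client answers with PAC-Opaque, server
    unwraps it; True when both ends now hold the same PAC-Key for the TLS tunnel."""
    pac = client.select(server.a_id)        # client selects PAC based on A-ID
    if pac is None:
        return None                         # no PAC for this authority: provisioning needed
    i_id, server_pac_key = server.open_pac(pac["PAC-Opaque"], now)
    return i_id == client.i_id and server_pac_key == pac["PAC-Key"]


def pac_status(server: PacServer, pac_opaque: bytes, now: int) -> str:
    """Classify a presented PAC-Opaque without raising."""
    try:
        server.open_pac(pac_opaque, now)
        return "ok"
    except ValueError as err:
        return str(err)
```

Two consequences of the design fall out of the code: the server needs no per-client database to accept a PAC, and because the PAC-Opaque is the only record, the lifetime check and the integrity tag are the server's whole defence against stale or altered blobs. The Master-Key is correspondingly the one secret whose compromise exposes every PAC issued under it.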

Page 29

EAP-FAST Authentication

[Diagram: Client – Access Point – RADIUS Server – External User DB]
• Start; Request Identity; Identity (the AP blocks all requests until authentication completes)
• A-ID from the server; PAC-Opaque from the client
• Establish a secure tunnel (PAC & TLS)
• Server authentication; client authentication (the server authenticates the client; External User DB)
• Key management: WPA or CCKM key management is used
• Protected data session

Page 30

EAP-TLS

• Client support
  - Windows 2000, XP, and Windows CE (natively supported)
  - Non-Windows platforms: third-party supplicants (Meetinghouse and Funk)
  - Each client requires a user certificate

• Infrastructure requirements
  - EAP-TLS-capable RADIUS server: Cisco ACS, Cisco AR, MS IAS, Funk, Interlink
  - The RADIUS server requires a server certificate
  - Certificate Authority server (PKI infrastructure)

• Certificate management
  - Both client and RADIUS server certificates need to be managed

Page 31

EAP-TLS Authentication

[Diagram: Client – Access Point – RADIUS Server – Certificate Authority]
• Start; Request Identity; Identity (the AP blocks all requests until authentication completes)
• Server certificate sent to the client: server authentication
• Client certificate sent to the server: client authentication
• Random session keys generated; encrypted exchange
• Key management: WPA key management is used
• Protected data session

Page 32

EAP-PEAP

• Hybrid authentication method
  - Server-side authentication with TLS
  - Client-side authentication with EAP authentication types (EAP-GTC, EAP-MSCHAPv2, etc.)

• Clients do not require certificates
  - Simplifies end user/device management

• The RADIUS server requires a server certificate
  - RADIUS server self-issuing certificate capability
  - Purchase a server certificate per server from a public PKI entity
  - Set up a simple PKI server to issue server certificates

• Allows one-way authentication types to be used
  - One-time passwords
  - Proxy to LDAP, Unix, NT/AD, Kerberos, etc.

Page 33

EAP-PEAP Authentication

[Diagram: Client – Access Point – RADIUS Server – External User DB]
• Start; Request Identity; Identity (the AP blocks all requests until authentication completes)
• Server certificate sent to the client: server authentication
• Pre-master secret exchanged; encrypted tunnel established
• EAP-in-EAP authentication: client authentication (External User DB)
• Key management: WPA key management is used
• Protected data session

Page 34

PEAP v2

• Protection from Man-in-the-Middle exploits: cryptographic binding of the EAP exchange
• Unauthenticated provisioning mode for simplified deployment
• The initial EAP exchange uses an "EAP routing realm" or may be omitted in order to avoid sending the user identity in the clear
• Currently submitted to the IETF in draft form: http://www.ietf.org/internet-drafts/draft-josefsson-pppext-eap-tls-eap-10.txt

Page 35

EAP Protocols: Feature Support

Feature                     | EAP-FAST                               | LEAP                                        | PEAP                                            | EAP-TLS
----------------------------|----------------------------------------|---------------------------------------------|-------------------------------------------------|-----------------------------
Single sign-on              | Yes                                    | Yes                                         | Yes                                             | Yes
Login scripts (MS DB)       | Yes                                    | Yes                                         | Yes (1)                                         | Yes (1)
Password expiration (MS DB) | Yes                                    | No                                          | Yes                                             | N/A
Client & OS availability    | Cisco/CCXv3 clients (4) and others (2) | Cisco/CCXv1 or above clients and others (2) | XP, 2000, CE, CCXv2 clients (3), and others (2) | XP, 2000, CE, and others (2)
MS DB support               | Yes                                    | Yes                                         | Yes                                             | Yes
LDAP DB support             | Yes                                    | No                                          | Yes (5)                                         | Yes
OTP support                 | No                                     | No                                          | Yes (5)                                         | No

(1) Windows OS supplicant requires machine authentication (machine accounts on Microsoft AD)
(2) Greater operating system coverage is available from Meetinghouse and Funk supplicants
(3) PEAP/GTC is supported on CCXv2 clients and above
(4) Cisco 350/CB20A clients support EAP-FAST on MSFT XP, 2000, and CE operating systems. EAP-FAST is supported on CB21AG/PI21AG clients with ADU v2.0 and CCXv3 clients in 1QCY2005
(5) Supported by PEAP/GTC only

Page 36

EAP Protocols: Feature Support

Feature                                   | EAP-FAST   | LEAP    | PEAP   | EAP-TLS
------------------------------------------|------------|---------|--------|--------
Client certificates?                      | No         | No      | No     | Yes
RADIUS server scalability impact          | Low/Medium | Low     | High   | High
Server certificates?                      | No         | No      | Yes    | Yes
Deployment complexity                     | Low        | Low     | Medium | High
WPA support                               | Yes        | Yes     | Yes    | Yes
Local authentication                      | Yes        | Yes     | No     | No
Fast Secure Roaming (CCKM)                | Yes        | Yes     | No     | No
Off-line dictionary attacks?              | No         | Yes (1) | No     | No
Application Specific Device (ASD) support | Yes        | Yes     | No     | No

(1) Strong password policy recommended; please refer to http://www.cisco.com/en/US/products/hw/wireless/ps430/prod_bulletin09186a00801cc901.html

Page 37

EAP Protocol Deployment: Cisco Deployment Guides / Application Notes

• Cisco LEAP Deployment Guide: http://www.cisco.com/en/US/partner/products/hw/wireless/ps430/products_technical_reference_chapter09186a0080225228.html
• Cisco PEAP Application Note: http://www.cisco.com/en/US/partner/products/hw/wireless/ps430/products_technical_reference_chapter09186a008025d6ee.html
• Cisco EAP-TLS Application Note: http://www.cisco.com/en/US/partner/products/hw/wireless/ps430/products_white_paper09186a008009256b.shtml
• Cisco EAP-FAST Application Note: http://www.cisco.com/en/US/partner/products/hw/wireless/ps430/prod_configuration_guide09186a0080262422.html

Page 38

Protected Access

What are WPA and WPA2?
• Authentication and encryption standards for Wi-Fi clients and APs
• 802.1x authentication
• WPA uses TKIP encryption
• WPA2 uses AES encryption

Which should I use?
• Go for the Gold!
• Silver, if you have legacy clients
• Lead, if you absolutely have no other choice (i.e. ASDs)

Gold:   WPA2/802.11i • EAP-FAST • AES
Silver: WPA • EAP-FAST • TKIP
Lead:   dWEP (legacy) • EAP-FAST/LEAP • VLANs + ACLs

Page 39

802.11i/WPA Authentication and Key Management Architecture

[Diagram: Wireless Station – Access Point – Authentication Server. 802.1X (EAPoL) over 802.11 between the wireless station and the access point; EAP (e.g. EAP-TLS) end to end between the station and the authentication server; RADIUS over UDP/IP between the access point and the authentication server, which is out of scope of the 802.11i standard]

Page 40

802.11i/WPA Authentication and Key Management Overview

[Diagram: Station – Access Point – RADIUS; phases: Capabilities Discovery, 802.1X Authentication, Key Management / Key Distribution, Data Protection]

Page 41

802.11i/WPA: Purpose of each phase

• Discovery
  - The AP advertises its capabilities in the Beacon and Probe Response
  - The SSID in the Beacon/Probe provides a hint for the right authentication credentials
  - The STA selects the authentication suite and unicast cipher suite in the Association Request

• 802.1X authentication
  - Centralize network admission policy decisions at the AS
  - The STA determines whether it does indeed want to communicate
  - Mutually authenticate STA and AS
  - Generate the Master Key as a side effect of authentication
  - Generate the Pair-wise Master Key (PMK) as an access authorization token

Page 42

802.11i/WPA: Purpose of each phase (continued)

• RADIUS-based key distribution
  - The AS moves (not copies) the Pair-wise Master Key (PMK) to the STA's AP

• 802.1X key management
  - Bind the PMK to STA and AP
  - Confirm both AP and STA possess the PMK
  - Generate a fresh Pair-wise Transient Key (PTK)
  - Prove each peer is live
  - Synchronize PTK use
  - Distribute the Group Transient Key (GTK)

Page 43

802.11i/WPA Security Capabilities Discovery

Exchange between the STA and the Access Point:
1. Probe Request (STA → AP)
2. Probe Response + WPA IE (AP → STA): AP supports WEP multicast cipher, TKIP unicast cipher, 802.1X authentication
3. 802.11 Open System Authentication (STA → AP)
4. 802.11 Open Authentication (Success) (AP → STA)
5. Association Request + WPA IE (STA → AP): STA requests WEP multicast, TKIP unicast, 802.1X authentication
6. Association Response (Success) (AP → STA)
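The capabilities the AP and STA exchange above live in the WPA/RSN information element. The following is an added example, not code from the deck or from Cisco: it decodes that element from the tagged-parameter area of a Beacon or Probe Response and flags the choices a practitioner would object to (WEP as group cipher, TKIP, PSK, no RSN). The IE byte strings at the bottom are constructed to match this slide and a WPA2-Enterprise AP; they are not from a real capture.

```python
"""Decode the WPA (vendor-specific) and RSN information elements an AP advertises in
Beacon/Probe Response frames, and flag weak choices (stdlib only)."""

RSN_OUI, WPA_OUI = b"\x00\x0f\xac", b"\x00\x50\xf2"
CIPHERS = {1: "WEP-40", 2: "TKIP", 4: "CCMP", 5: "WEP-104"}   # suite type -> cipher, same in both IEs
AKMS = {1: "802.1X", 2: "PSK"}


def _suite(body: bytes, pos: int, oui: bytes):
    """A suite selector is OUI (3 bytes) + type (1 byte); non-matching OUIs are reported raw."""
    suite_oui, kind = body[pos:pos + 3], body[pos + 3]
    return kind if suite_oui == oui else ("vendor", suite_oui.hex(), kind)


def _suite_list(body: bytes, pos: int, oui: bytes):
    count = int.from_bytes(body[pos:pos + 2], "little")
    suites = [_suite(body, pos + 2 + 4 * i, oui) for i in range(count)]
    return suites, pos + 2 + 4 * count


def parse_security_ies(ies: bytes) -> dict:
    """Walk the tagged-parameter area (ID, length, value) and decode RSN (ID 48) and
    WPA (ID 221 with OUI 00:50:F2 type 1); both share the same body layout."""
    result, pos = {}, 0
    while pos + 2 <= len(ies):
        eid, length = ies[pos], ies[pos + 1]
        value = ies[pos + 2:pos + 2 + length]
        pos += 2 + length
        if eid == 48:
            name, oui, body = "RSN", RSN_OUI, value
        elif eid == 221 and value[:4] == WPA_OUI + b"\x01":
            name, oui, body = "WPA", WPA_OUI, value[4:]
        else:
            continue
        group = _suite(body, 2, oui)
        pairwise, p = _suite_list(body, 6, oui)
        akms, p = _suite_list(body, p, oui)
        caps = int.from_bytes(body[p:p + 2], "little") if p + 2 <= len(body) else None
        result[name] = {
            "version": int.from_bytes(body[:2], "little"),
            "group": CIPHERS.get(group, group),
            "pairwise": [CIPHERS.get(c, c) for c in pairwise],
            "akm": [AKMS.get(a, a) for a in akms],
            "capabilities": caps,
        }
    return result


def weaknesses(parsed: dict) -> list:
    """The checks to run over a site survey: no RSN (no WPA2), WEP anywhere, TKIP, PSK."""
    findings = []
    if "RSN" not in parsed:
        findings.append("no RSN element: WPA2/802.11i (AES-CCMP) is not offered")
    for name, ie in parsed.items():
        if str(ie["group"]).startswith("WEP"):
            findings.append(f"{name}: {ie['group']} group cipher still protects broadcast/multicast")
        if "TKIP" in ie["pairwise"] or ie["group"] == "TKIP":
            findings.append(f"{name}: TKIP (RC4 + Michael) offered; prefer CCMP")
        if "PSK" in ie["akm"]:
            findings.append(f"{name}: PSK AKM; passphrase is exposed to offline dictionary attack")
    return findings


# Constructed IE bytes (not from a real capture):
# the exchange on this slide: SSID IE, then a WPA IE with WEP-40 group, TKIP pairwise, 802.1X AKM
SLIDE_PROBE_RESPONSE_IES = bytes.fromhex(
    "0004 44617461"            # SSID "Data"
    "dd16 0050f201 0100"       # WPA IE: OUI 00:50:F2 type 1, version 1
    "0050f201"                 # group cipher WEP-40
    "0100 0050f202"            # 1 pairwise cipher: TKIP
    "0100 0050f201"            # 1 AKM: 802.1X
)
# a WPA2-Enterprise AP: RSN IE, CCMP group and pairwise, 802.1X AKM, capabilities 0x000c
WPA2_ENTERPRISE_IES = bytes.fromhex("3014 0100 000fac04 0100 000fac04 0100 000fac01 0c00")
```

Run `weaknesses(parse_security_ies(SLIDE_PROBE_RESPONSE_IES))` to see the three findings the slide's own configuration produces (no RSN, WEP-40 group cipher, TKIP); the WPA2-Enterprise element produces none.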

Page 44

802.11i/WPA EAP Authentication Overview

Parties: Station (STA), Access Point, RADIUS server. Both the AP and the STA keep their 802.1X controlled port blocked for data traffic until authentication completes.
1. AP → STA: 802.1X/EAP-Request Identity
2. STA → AP: 802.1X/EAP-Response Identity
3. AP → RADIUS: RADIUS Access-Request carrying the identity (EAP type specific)
4. STA ↔ RADIUS: EAP type-specific mutual authentication, relayed by the AP
5. STA and RADIUS each derive the Pair-wise Master Key (PMK)
6. RADIUS → AP: RADIUS Access-Accept (with the PMK)
7. AP → STA: 802.1X/EAP-Success

Page 45

802.1X Key Management (802.11i/WPA)

• The original 802.1X key management was hopelessly broken, so it was redesigned by 802.11i
• New model: given a PMK, the AP and the STA use it to derive a fresh PTK
  The AP uses the KCK (EAPOL-MIC) and KEK (EAPOL-Encr) portions of the PTK to distribute the Group Transient Key (GTK)

Page 46

802.11i/WPA Key Management Overview

[Figure: AS (RADIUS), Access Point and STA]
1. RADIUS pushes the PMK from the AS to the AP
2. The PMK and the 4-way handshake derive, bind and verify the PTK between AP and STA
3. The group key handshake sends the GTK from the AP to the STA

Page 47

Unicast Keys: 4-Way Handshake (802.11i/WPA)

Both the AP and the STA start with the PMK.
1. AP picks a random ANonce
   AP → STA: EAPOL-Key (Reply Required, Unicast, ANonce)
2. STA picks a random SNonce and derives PTK = EAPOL-PRF(PMK, ANonce | SNonce | AP MAC Addr | STA MAC Addr)
   STA → AP: EAPOL-Key (Unicast, SNonce, MIC, STA RSN IE)
3. AP derives the PTK and checks the MIC, which proves the STA holds the PMK
   AP → STA: EAPOL-Key (Reply Required, Install PTK, Unicast, ANonce, MIC, AP RSN IE)
4. STA checks the MIC, which proves the AP holds the PMK
   STA → AP: EAPOL-Key (Unicast, MIC)
Both sides then install the TK (temporal key) for data traffic.

Page 48

Group Key Handshake (802.11i/WPA)

Both sides hold the PTK from the 4-way handshake.
1. AP picks a random GNonce and a random GTK, and encrypts the GTK with the KEK
   AP → STA: EAPOL-Key (All Keys Installed, ACK, Group Rx, Key Id, Group, RSC, GNonce, MIC, GTK)
2. STA decrypts the GTK with the KEK
   STA → AP: EAPOL-Key (Group, MIC)
Data traffic is unblocked on both the AP and the STA once the GTK is installed.

Page 49

Session Key Explanation

Pairwise Master Key (PMK): 256 bits
Pairwise Transient Key (PTK): 512 bits, split as follows

PTK bits    Key                           Also called
0 - 127     Key Confirmation Key (KCK)    EAPOL MIC Key
128 - 255   Key Encryption Key (KEK)      EAPOL Encr Key
256 - 383   Temporal Key 1 (TK1)          Data Encr Key
384 - 511   Temporal Key 2 (TK2)          Data MIC Key

• The PMK is derived from the MK (Master Key)
• The PTK is a collection of operational keys
• KCK: used to prove possession of the PMK and to bind the PMK to the authenticator
• KEK: used to distribute the group transient key (GTK)
• TK1 & TK2: used for encryption and integrity of data; their use is cipher specific (TKIP needs all 512 bits, since TK2 carries the two Michael keys; CCMP uses a single 128-bit temporal key and a 384-bit PTK)

Page 50

WPA Key Hierarchy

• PTK (Pairwise Transient Key, 64 bytes)
  16 bytes of EAPOL-MIC key (KCK): used to compute the MIC on WPA EAPOL-Key messages
  16 bytes of EAPOL-Encryption key (KEK): the AP uses this to encrypt the GTK when sending group key message 1
  16 bytes of Temporal Encryption Key (DataEncr Key): used to encrypt/decrypt unicast TKIP MPDUs
  DataMIC Key:
    8 bytes of Michael MIC Authenticator Tx Key: used to compute the TKIP MSDU MIC on unicast packets transmitted by the AP
    8 bytes of Michael MIC Authenticator Rx Key: used to compute the TKIP MSDU MIC on unicast packets transmitted by the station

• GTK (Group Transient Key, 32 bytes)
  16 bytes of Group Temporal Encryption Key: used to encrypt multicast/broadcast TKIP MPDUs
  8 bytes of Michael MIC Authenticator Tx Key: used to compute the TKIP MSDU MIC on multicast packets transmitted by the AP
  8 bytes of Michael MIC Authenticator Rx Key: currently not used, as stations do not send multicast traffic over the air (in infrastructure mode a station's multicast frames go to the AP under the pairwise key)

Page 51

TKIP: per-packet Key Mix

Phase 1 = Phase1-Mix(PTK_Enc, TA, Upper IV [32 bits])
Phase 2 = Phase2-Mix(PTK_Enc, Phase 1 Key, Lower IV [16 bits])

[Figure: the temporal encryption key (PTK_Enc, the Data Encr Key portion of the PTK) and the transmitter MAC address (Xmit MAC / TA) enter the phase 1 mixer together with the upper 32 bits of the IV; the resulting phase 1 key and the lower 16 bits of the IV enter the phase 2 mixer, which outputs the per-packet WEP key; RC4 expands it into a key stream that is XORed with the plaintext to produce the ciphertext]

Page 52

Michael MIC → protects MSDUs

[Figure: Michael takes DA, SA and the MSDU payload together with the 64-bit MIC key and produces an 8-byte MIC that is appended to the MSDU]

Michael message processing
Input: Key (K0, K1) and message words M0, ..., M(N-1)
Output: MIC value (V0, V1)

MICHAEL((K0, K1), (M0, ..., M(N-1)))
  (L, R) ← (K0, K1)
  for i = 0 to N-1
    L ← L ⊕ Mi
    (L, R) ← b(L, R)
  return (L, R)

Michael block function
Input: (L, R)   Output: (L, R)

b(L, R)
  R ← R ⊕ (L <<< 17)
  L ← (L + R) mod 2^32
  R ← R ⊕ XSWAP(L)
  L ← (L + R) mod 2^32
  R ← R ⊕ (L <<< 3)
  L ← (L + R) mod 2^32
  R ← R ⊕ (L >>> 2)
  L ← (L + R) mod 2^32
  return (L, R)

• Weak MIC: about 20 bits of security despite the 64-bit tag, so a forgery is expected after roughly 2^20 attempts; this is why the countermeasures on the next slide exist
• Cheap to implement: about 1.5 cycles/byte

Page 53

Michael MIC Countermeasures

• If an active attack is detected:
  Delete the PMK and PTK. This prevents the attacker from learning anything about those keys from the MIC failure.
  Log the event. A MIC failure is an almost certain indication of an active attack (the CRC/ICV checks below already filter out ordinary corruption) and warrants a follow-up by the system administrator.
  The MIC failure rate must be kept below one per minute: on a second MIC failure within 60 seconds, new keys must not be generated and TKIP traffic is stopped for 60 seconds. The slowdown makes it impossible for the attacker to make the large number of attempts in a short time that the weak MIC would otherwise allow.

• Check the CRC, ICV and IV before verifying the MIC. MPDUs with invalid CRCs or ICVs, or whose IVs fall before the replay window, shall be discarded before the MIC is checked, to avoid unnecessary MIC failure events.

• MIC countermeasures can be disabled on Cisco Access Points. Doing so removes the rate limit that compensates for Michael's 20-bit strength, so it trades resistance to MIC forgery for availability.
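The following is an added example, not code from the deck or from Cisco: a straight implementation of the Michael pseudocode from slide 52 (checked against the Michael test vectors published in the 802.11i annex) together with the countermeasure state machine described on this slide. The `tkip_mic_input` helper shows what TKIP actually feeds to Michael; the sample addresses used in the usage note are invented.

```python
"""Michael, the TKIP MSDU integrity code, exactly as the pseudocode on slide 52, and the
802.11i MIC-failure countermeasure logic from slide 53 (stdlib only)."""
import struct

MASK = 0xFFFFFFFF


def _rotl(x: int, n: int) -> int:
    return ((x << n) | (x >> (32 - n))) & MASK


def _rotr(x: int, n: int) -> int:
    return ((x >> n) | (x << (32 - n))) & MASK


def _xswap(x: int) -> int:
    """Swap the two bytes inside each 16-bit half of the word."""
    return ((x & 0xFF00FF00) >> 8) | ((x & 0x00FF00FF) << 8)


def _block(l: int, r: int):
    """The Michael block function b(L, R): four add/xor/rotate rounds, no key material."""
    r ^= _rotl(l, 17); l = (l + r) & MASK
    r ^= _xswap(l);    l = (l + r) & MASK
    r ^= _rotl(l, 3);  l = (l + r) & MASK
    r ^= _rotr(l, 2);  l = (l + r) & MASK
    return l, r


def michael(key: bytes, msg: bytes) -> bytes:
    """64-bit key (K0, K1) and 64-bit tag, both little-endian. The message is padded with
    0x5a and 4..7 zero bytes to a multiple of 4, then absorbed one 32-bit word at a time."""
    if len(key) != 8:
        raise ValueError("Michael key is 8 bytes")
    padded = msg + b"\x5a" + bytes(7 - len(msg) % 4)
    l, r = struct.unpack("<II", key)
    for (word,) in struct.iter_unpack("<I", padded):
        l ^= word
        l, r = _block(l, r)
    return struct.pack("<II", l, r)


def tkip_mic_input(da: bytes, sa: bytes, priority: int, payload: bytes) -> bytes:
    """What TKIP actually feeds Michael: DA || SA || priority || three zero bytes || MSDU payload."""
    return da + sa + bytes([priority, 0, 0, 0]) + payload


class MicCountermeasures:
    """Slide 53 as a state machine. A second MIC failure within 60 s triggers countermeasures:
    the PTK/GTK are discarded and TKIP is refused for 60 s, so an attacker gets at most about
    one forgery attempt per minute instead of the ~2^20 tries Michael's strength would need.
    Time is passed in by the caller so the logic can be tested without waiting."""
    WINDOW = 60.0

    def __init__(self):
        self.last_failure = None
        self.blackout_until = 0.0
        self.log = []

    def mic_failure(self, now: float) -> bool:
        """Returns True when countermeasures were (re)started by this failure."""
        self.log.append(("mic_failure", now))            # always log: almost certainly an attack
        triggered = self.last_failure is not None and now - self.last_failure < self.WINDOW
        if triggered:
            self.blackout_until = now + self.WINDOW       # delete keys, no rekey for 60 s
            self.log.append(("countermeasures", now))
        self.last_failure = now
        return triggered

    def tkip_allowed(self, now: float) -> bool:
        return now >= self.blackout_until
```

`michael(bytes(8), b"")` returns the annex vector `82925c1ca1d130b8`, and chaining each result as the next key over "M", "Mi", "Mic", ... reproduces the rest of the published table. Because the block function is unkeyed and invertible, anyone who learns one plaintext/MIC pair can recover the Michael key, which is why the countermeasures, not the tag length, are what makes TKIP hold up.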

Page 54

WPA-PSK

• WPA-PSK is becoming somewhat popular recently
  Available on some handhelds, especially Symbol
  Advantage: unique per-client, temporal keys (the 4-way handshake still derives a fresh PTK for each client from the shared PSK)
  Disadvantage: the PSK is shared across all clients (similar key management issues to static WEP; anyone who holds the PSK and captures another client's 4-way handshake can derive that client's PTK)

• WPA-PSK does not function on the Distributed Architecture with AAA MAC authentication

• Make sure that customers are aware of the dictionary attack potential with WPA-PSK
  The PSK may be set explicitly as 64 hex characters (256 bits) or as a "passphrase", which uses a well-known expansion (PBKDF2-HMAC-SHA1 with the SSID as salt and 4096 iterations) to generate the PSK
  A brute-force attack on the full 256-bit key is infeasible; the attack is against the passphrase, and it runs offline against a captured 4-way handshake with no further interaction with the AP
  Strong passphrases (long, and not in any wordlist) should be used if utilizing the "passphrase" form
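As an added example serving slides 47, 49 and 54 (it is not code from the deck or from Cisco), the block below implements the passphrase expansion, the 802.11i PRF and PTK derivation with the key layout from slide 49, EAPOL-Key frame construction and MIC checks for the 4-way handshake of slide 47, and then the offline dictionary attack this slide warns about. MAC addresses, passphrases and wordlist are invented; the Key Information constants are the values seen for CCMP (descriptor version 2) and are given for realism only. The KEK-based wrapping of the GTK (AES key wrap) is not shown because it needs a non-stdlib AES.

```python
"""WPA/WPA2 passphrase expansion, 4-way handshake key derivation and EAPOL-Key MIC
checks, and the offline dictionary attack they enable against WPA-PSK (stdlib only)."""
import hashlib
import hmac
import os
import struct

MIC_OFFSET = 4 + 77   # 802.1X header + EAPOL-Key fields that precede the 16-byte Key MIC field
# Key Information values of messages 1-4 as seen in CCMP (descriptor version 2) captures:
# bit 3 pairwise, bit 6 install, bit 7 ACK, bit 8 MIC, bit 9 secure, bit 12 encrypted key data
KEY_INFO = {1: 0x008A, 2: 0x010A, 3: 0x13CA, 4: 0x030A}


def psk_from_passphrase(passphrase: str, ssid: str) -> bytes:
    """The 'well-known expansion' of the slide: PBKDF2-HMAC-SHA1, SSID as salt, 4096 rounds, 256 bits."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)


def prf(key: bytes, label: bytes, data: bytes, nbits: int) -> bytes:
    """802.11i PRF-n: HMAC-SHA1(key, label || 0x00 || data || i) for i = 0, 1, ... concatenated."""
    blocks = (hmac.new(key, label + b"\x00" + data + bytes([i]), hashlib.sha1).digest()
              for i in range((nbits // 8 + 19) // 20))
    return b"".join(blocks)[: nbits // 8]


def derive_ptk(pmk: bytes, aa: bytes, spa: bytes, anonce: bytes, snonce: bytes) -> dict:
    """PTK = PRF-512(PMK, "Pairwise key expansion", min(AA,SPA)||max(AA,SPA)||min(AN,SN)||max(AN,SN)),
    split as on the slides: KCK | KEK | TK (data encryption) | Michael Tx key | Michael Rx key."""
    data = min(aa, spa) + max(aa, spa) + min(anonce, snonce) + max(anonce, snonce)
    ptk = prf(pmk, b"Pairwise key expansion", data, 512)
    return {"KCK": ptk[:16], "KEK": ptk[16:32], "TK": ptk[32:48],
            "TX_MIC": ptk[48:56], "RX_MIC": ptk[56:64]}


def build_eapol_key(msg: int, replay: int, nonce: bytes, key_data: bytes = b"") -> bytes:
    """EAPOL-Key frame (descriptor type 2 = RSN) with the Key MIC field still zeroed."""
    body = struct.pack(">BHHQ", 2, KEY_INFO[msg], 16 if msg in (1, 3) else 0, replay)
    body += nonce + bytes(16) + bytes(8) + bytes(8) + bytes(16)   # Nonce, IV, RSC, reserved, MIC
    body += struct.pack(">H", len(key_data)) + key_data
    return struct.pack(">BBH", 2, 3, len(body)) + body             # 802.1X v2, type 3 = EAPOL-Key


def eapol_mic(kck: bytes, frame: bytes) -> bytes:
    """Descriptor version 2 (CCMP): HMAC-SHA1-128 over the whole frame with the MIC field zeroed."""
    zeroed = frame[:MIC_OFFSET] + bytes(16) + frame[MIC_OFFSET + 16:]
    return hmac.new(kck, zeroed, hashlib.sha1).digest()[:16]


def sign(kck: bytes, frame: bytes) -> bytes:
    return frame[:MIC_OFFSET] + eapol_mic(kck, frame) + frame[MIC_OFFSET + 16:]


def verify(kck: bytes, frame: bytes) -> bool:
    return hmac.compare_digest(eapol_mic(kck, frame), frame[MIC_OFFSET:MIC_OFFSET + 16])


def four_way_handshake(pmk_ap: bytes, pmk_sta: bytes, aa: bytes, spa: bytes, rsn_ie: bytes = b""):
    """Runs both sides of the handshake; returns (TK, msg1, msg2) on success, None on any MIC failure."""
    anonce, snonce = os.urandom(32), os.urandom(32)
    msg1 = build_eapol_key(1, 1, anonce)                              # AP: ANonce, cannot be MIC'd yet
    sta = derive_ptk(pmk_sta, aa, spa, anonce, snonce)                # STA now has all PTK inputs
    msg2 = sign(sta["KCK"], build_eapol_key(2, 1, snonce, rsn_ie))     # STA: SNonce + RSN IE, MIC'd
    ap = derive_ptk(pmk_ap, aa, spa, anonce, snonce)
    if not verify(ap["KCK"], msg2):                                   # proves the STA holds this PMK
        return None
    msg3 = sign(ap["KCK"], build_eapol_key(3, 2, anonce, rsn_ie))      # AP: install; proves AP holds PMK
    if not verify(sta["KCK"], msg3):
        return None
    msg4 = sign(sta["KCK"], build_eapol_key(4, 2, bytes(32)))          # STA: confirms install
    if not verify(ap["KCK"], msg4):
        return None
    return ap["TK"], msg1, msg2


def nonce_of(frame: bytes) -> bytes:
    return frame[4 + 13: 4 + 45]


def crack_passphrase(ssid: str, aa: bytes, spa: bytes, msg1: bytes, msg2: bytes, wordlist):
    """Offline dictionary attack on WPA-PSK: everything needed (both MACs, both nonces, a MIC'd
    message 2) is in a passive capture of one handshake; each candidate costs one PBKDF2 run."""
    anonce, snonce = nonce_of(msg1), nonce_of(msg2)
    for word in wordlist:
        kck = derive_ptk(psk_from_passphrase(word, ssid), aa, spa, anonce, snonce)["KCK"]
        if verify(kck, msg2):
            return word
    return None
```

`psk_from_passphrase("password", "IEEE")` gives the well-known test value `f42c6fc5...a12e`. Note where the cost lies: the attacker pays 4096 HMAC iterations per guess but can do so on any hardware, offline, forever; a 64-hex-character PSK gives them nothing to guess, and an 802.1X-derived PMK is never the same twice.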

Page 55

Pre-shared Key (PSK) Authentication Overview (802.11i/WPA)

[Figure: Wireless Station and Access Point; the PSK is pre-programmed in the AP and the STA and takes the place of the PMK that 802.1X/EAP would otherwise produce]
1. 802.11 security capabilities discovery
2. Enhanced 802.1X key management (generate and install the PTK and GTK)
3. Data protection

Page 56

WPA and WPA2 Comparison

Mode                                   WPA                               WPA2
Enterprise Mode                        Authentication: IEEE 802.1X/EAP   Authentication: IEEE 802.1X/EAP
(Business, Education, Government)      Encryption: TKIP/MIC              Encryption: AES-CCMP
Personal Mode                          Authentication: PSK               Authentication: PSK
(SOHO, Home/Personal)                  Encryption: TKIP/MIC              Encryption: AES-CCMP

Page 57

IEEE 802.11i

• Ratified June 2004
• Defines the security standard for wireless LANs
• Details stronger encryption, authentication and key management strategies for wireless data and system security
• Requires a hardware accelerator chip in the radio (for AES-CCMP)
• Includes the following:
  Two new data-confidentiality protocols: TKIP and AES-CCMP
  A negotiation process for selecting the correct confidentiality protocol
  A key system for each traffic type (pairwise keys for unicast, group keys for multicast/broadcast)
  Key caching and pre-authentication
• Official announcement from IEEE: http://standards.ieee.org/announcements/pr_80211iv1.html

Page 58

AES Encryption

• Encryption standard defined by NIST (National Institute of Standards and Technology) to replace DES
  The "gold" standard
  Hardware encryption vs. software encryption
• Replaces RC4 encryption in IEEE 802.11i (CCMP with AES replaces TKIP with RC4)
  128-bit symmetric block cipher; CCMP uses a 48-bit packet number as the initialization vector, which must never repeat under one temporal key
  CCMP (Counter Mode with Cipher Block Chaining Message Authentication Code Protocol): counter mode for confidentiality, CBC-MAC for integrity of the payload and of the frame header fields
• Requires hardware acceleration, or the overall performance of an 11 Mb radio will be unacceptable
• Facilitates government FIPS 140-2 compliance. Note: 802.1X is not FIPS compliant

Page 59

Centralized Solution FIPS 140-2 Key Management

Cisco Centralized Wireless LAN Solution (802.11i client/server security). Components: FIPS-compliant supplicant, FIPS Aironet AP, FIPS WLAN Controller, FIPS-compliant RADIUS. Vendor interoperable.
1. EAP-TLS client/server authentication (802.1X/EAPOL over the air, EAP transported in RADIUS to the server) and PMK derivation on the supplicant and the RADIUS server
2. RADIUS distributes the PMK to the controller, protected by RADIUS KeyWrap (AES key wrap, SHA-1 integrity)
3. The controller and the supplicant derive the PTK (KCK, KEK) and the GTK
4. The controller distributes the PTK to the AP over the LWAPP AES-CCM control channel
Air interface: 802.11i AES-CCMP (128b). Figure also labels the AP to controller path "802.11i AES-CCMP (256b)".

Page 60

Cisco Wireless – Guarding the Air Space for the United States Military Academy

Page 61

Improving Secure Roaming Latency: Cisco Centralized Key Management

[Figure: Cisco ACS AAA server reached over the WAN; a Wireless Domain Server (WDS) at the local site; AP1 and AP2; a client roaming from AP1 to AP2]
1. APs 802.1X-authenticate to the RADIUS server via the WDS and establish a secure connection to the WDS
2. The client 802.1X-authenticates with the AAA server
3. The master key is cached on the WDS and sent to AP1, where it is used to derive a session key for AP1 and the client
4. The client indicates to AP2 that it is roaming from AP1
5. The WDS securely sends the client's master key to AP2
6. The client and AP2 generate new encryption keys
NOTE: because the WDS handles roaming and re-authentication, the WAN link is not used during the roam

Page 62

Cisco Centralized Key Management (CCKM)

Feature description:
• CCKM (Cisco Centralized Key Management protocol) enables fast 802.1X re-authentication
• CCKM support is available for the following 802.1X EAP types: EAP-LEAP, EAP-FAST, EAP-TLS, EAP-PEAP-GTC *, EAP-PEAP-MSCHAPv2 *
  * Optional for ASD

Benefit:
• Fast re-authentication with CCX version 2 clients (important for clients not supporting WPA2)
• Provides a survivability benefit in that it permits client roaming/re-authentication even when the network link between the Controller and the RADIUS server is down

Page 63

Controller CCKM Support

• Architecturally very similar to PKC
• The client must be CCKM-capable (RN + MIC sent in the reassociation request)
• A CCKM cache is maintained on each controller
• The controller mobility group automatically/proactively exchanges the NSK
• TKIP/AES encryption is supported with CCKM

[Figure: Initial authentication: NSK derived, NSK used in the 4-way handshake, NSK proactively cached on the new controller. Client roam: Reassociation Request (RN + MIC), Reassociation Response, NSK used in the 4-way handshake]

Page 64

CCKM vs. PKC

• CCKM
  CCX version 2 clients (LEAP)
  CCX version 4: support with other EAP types (EAP-TLS, PEAP)
  7920 phones / PDAs / WinCE
  "Pre-standard" Fast Secure Roaming solution

• PKC
  Ubiquitous support for WPA2/AES clients
  Any EAP type

Page 65

802.11i PMK Caching

• Whenever an AP and a STA have successfully completed 802.1X-based authentication, both of them may cache the PMK record for later use
• When a STA is going to (re-)associate to an AP, it may attach a list of PMKIDs (derived from earlier 802.1X exchanges with this AP) in the RSN IE of its (re-)association request frame; a PMKID is a keyed hash over the PMK and the two MAC addresses, so it names the PMK without revealing it
• When a PMKID is present in the STA's RSN IE, the AP uses it to retrieve the PMK record from its own PMK cache. If the PMK is found and matches the STA MAC address, the AP can bypass the 802.1X authentication process and directly start the WPA2 4-way key handshake with the STA
• PMK cache records are kept for 1 hour for non-associated STAs
• Enable PMK caching to bypass 802.1X authentication on reassociation
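The lookup described above, as an added example that is not code from the deck or from Cisco: the PMKID computation from 802.11i, a per-AP cache that enforces the STA MAC match and the one-hour lifetime stated on the slide, and extraction of the PMKID list from the RSN IE body of a (re)association request. Addresses and PMK bytes in the usage note are invented; the cache structure is an illustration, not the controller's implementation.

```python
"""802.11i PMK caching: the PMKID a STA lists in its RSN IE and the cache lookup an AP
performs on (re)association before deciding whether 802.1X can be skipped (stdlib only)."""
import hashlib
import hmac

PMK_LIFETIME = 3600.0   # the slide's 1 hour for non-associated STAs


def pmkid(pmk: bytes, aa: bytes, spa: bytes) -> bytes:
    """PMKID = HMAC-SHA1-128(PMK, "PMK Name" || AA || SPA): names the PMK without revealing it,
    and is bound to this AP/STA pair, so a PMKID cannot be replayed against another AP."""
    return hmac.new(pmk, b"PMK Name" + aa + spa, hashlib.sha1).digest()[:16]


class PmkCache:
    """Per-AP cache keyed by PMKID; the STA MAC and expiry are checked on every hit."""

    def __init__(self):
        self._entries = {}   # PMKID -> (PMK, SPA, expiry time)

    def store(self, pmk: bytes, aa: bytes, spa: bytes, now: float) -> bytes:
        """Called after a successful 802.1X exchange; returns the PMKID the STA will present later."""
        pid = pmkid(pmk, aa, spa)
        self._entries[pid] = (pmk, spa, now + PMK_LIFETIME)
        return pid

    def lookup(self, offered_pmkids, spa: bytes, now: float):
        """Returns the cached PMK for the first offered PMKID that exists, belongs to this STA MAC
        and has not expired; None means fall back to full 802.1X authentication."""
        for pid in offered_pmkids:
            entry = self._entries.get(pid)
            if entry is None:
                continue
            pmk, cached_spa, expiry = entry
            if cached_spa == spa and now <= expiry:
                return pmk
        return None


def rsn_ie_pmkids(body: bytes) -> list:
    """Extract the PMKID list from an RSN IE body (version, group suite, pairwise list, AKM list,
    capabilities, PMKID count, PMKIDs) as carried in a (re)association request."""
    pos = 6
    for _ in range(2):                                   # pairwise suites, then AKM suites
        count = int.from_bytes(body[pos:pos + 2], "little")
        pos += 2 + 4 * count
    pos += 2                                             # RSN capabilities
    n = int.from_bytes(body[pos:pos + 2], "little")
    pos += 2
    return [body[pos + 16 * i:pos + 16 * (i + 1)] for i in range(n)]
```

A miss on any of the three conditions (unknown PMKID, different STA MAC, expired entry) sends the STA back through 802.1X; the 4-way handshake that follows a hit still proves both sides hold the PMK, so a forged PMKID buys an attacker nothing but a handshake that fails at message 2.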

Page 66

802.11i With Very Fast Roaming: Proactive Key Caching (PKC) Reduces AAA Exchanges

[Figure: Client A, Airespace WLAN controllers/APs, RADIUS server]
1. Initial authentication: the "Access Challenge" exchange runs to the RADIUS server via the Airespace WLAN; on "Access Accept" the master key is generated, PMK = X
2. Client A and the first AP complete the four-way handshake; 802.11i encrypted link
3. PMK X is placed in the PMK cache of the neighbouring controllers before the client roams
4. On roam, Client A and the new AP run only the four-way handshake, with no RADIUS exchange; 802.11i encrypted link

Page 67

WPA2/EAP Supplicant Availability

• Native Windows supplicant
  WPA supported with Windows XP; note that a patch is required for WPA2 compatibility (XP SP2 does NOT support WPA2 out of the box)
• Cisco 350 and CB20A clients
  WPA supported with the Aironet Client Utility (Win2K, WinXP) using LEAP or EAP-FAST
  The Microsoft WPA supplicant or a 3rd-party supplicant must be used for WPA with other EAP types
  No WPA2/AES support
• CB21AG / PI21AG clients
  WPA supported for all EAP types on both Windows 2000 and Windows XP platforms
  LEAP, EAP-TLS, PEAP/MS-CHAPv2 and PEAP-GTC (EAP-FAST in ADU v2.0)
  WPA2/AES supported in ADU v2.0

Page 68

WLAN Security Authentication and Encryption Summary

• WLAN security encompasses both authentication and encryption, and both components are mandated by WPA
• Care should be taken to ascertain that the chosen EAP authentication type is compatible with the authentication database (e.g. MS-CHAPv2-based methods need the NT password hash, which an LDAP directory may not expose; PEAP-GTC or EAP-TLS fit such directories)
• WPA provides dynamic, per-packet keying in addition to key authentication/message integrity
• WLAN client capability/availability must be considered when choosing WLAN authentication and encryption options

Page 69

Centralized System Security Highlights

• X.509 certificates guarantee identity
  Zero touch, if desired
  The AP must prove its identity through its unique private key
  The AP's identity is validated and an authorization check is performed
  Only the APs you want are allowed in
• Zero false positives on AP impersonation
  A trusted MAC address is not sufficient: a hacker who steals a trusted MAC address and runs HostAP can impersonate it, both over the air and on the wire
• LWAPP protocol peer review
  Airespace FIPS 140-2 Level 2 certification (prior to the merger), including LWAPP key distribution
  LWAPP specification publicly available for more than 2 years

Page 70

LWAPP Architecture

• The Lightweight Access Point Protocol (LWAPP) is used between an AP and a WLAN Controller
• LWAPP provides benefits to the secure deployment and operation of WLAN APs
  Permits authentication of the AP and encryption of AP control data
  Permits centralization of traffic and simple traffic policing
• Control traffic between the Access Point and the controller is authenticated and encrypted (AES-CCM encrypted control channel). Only the control channel is encrypted: client data is decrypted by the AP, which holds the PTK (page 59), and is carried to the controller in the LWAPP data tunnel, so the wired path between AP and controller must be protected like any other access-layer link

Page 71

LWAPP AP Switch Discovery Process

[Figure: new AP, WLAN controller, ACS server with AP database, secured LWAPP channel]
1. A new AP is installed; the PSK is configured and the AP generates a self-signed certificate
2. The admin saves the AP's public key and serial number and configures the RADIUS server
3. LWAPP Join Request (AP → controller)
4. AP authorization: the controller asks RADIUS (ACS server), which validates the public key and serial number against the AP DB
5. Access-Accept (ACS server → controller)
6. LWAPP Join Response (controller → AP)
7. Service is provided over the secured LWAPP channel

Page 72

LWAPP Switch Discovery

• The AP discovers the switch (controller) via L2 or L3, checks its image and downloads its configuration
  An LWAPP AP does not retain any configuration data
• As part of the authentication process, the LWAPP AP is provided a new key used to encrypt control traffic
  The AP must prove its identity through its unique private key (X.509 client certificate); the controller presents an X.509 server certificate
  The key is used to encrypt AP control data

Page 73

Centralized Wireless LAN Deployment: Wired Security Features

• Basic security features on the wired switches to consider:
  WLAN "mapping" permits extension of the wireless policy to the wired network
  Isolated VLANs for the WLAN deployment
  Layer 2 to Layer 4 ACLs may be applied
• Advanced security features on the wired switches to consider, especially applicable to wireless:
  DHCP snooping: to protect against rogue/malicious DHCP servers (only the uplink is trusted to send server responses, so a wireless client or a rogue AP cannot hand out addresses on the VLAN)
  Router ACLs and VLAN ACLs
  RP rate limiters (rate limiting of traffic punted to the route processor): to prevent DoS attacks using "bogus" traffic (example: ICMP ping requests from bogus IP addresses)
  TCP Intercept: can be used to prevent TCP SYN flooding attacks

Page 74

Mapping Wireless Security Policies to the Wired Network

• Multiple WLAN security policies: Data vs. Voice vs. Legacy devices vs. Guest access
  VLAN-to-SSID mapping
• Mapping WLAN security policies to wired security policies
  Use L2 to L4 ACLs on the wired side to reinforce the WLAN security policies
• Wired network integration
  Use the security features on the interface which terminates the wireless traffic

[Figure: AP on channel 6 with SSID "Data" = VLAN 1, SSID "Voice" = VLAN 2, SSID "Visitor" = VLAN 3, trunked towards the distribution layer]
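The following Cisco IOS switch fragment is an added illustration of the wired-side controls on pages 73 and 74; it is not configuration from the deck or from Cisco documentation. VLAN numbers follow the SSID mapping in the figure; the interface names, the 10.0.0.0/8 campus range, the 192.0.2.0/24 guest subnet and the rate limit are assumptions chosen for the example.

```cisco
! Assumed Catalyst access-switch fragment (not from the deck); VLANs follow the slide's SSID mapping
vlan 2
 name Voice
vlan 3
 name Visitor
!
! DHCP snooping: only the uplink may send DHCP server messages; a rogue DHCP server
! behind an AP (or a wireless client running one) is dropped at the AP port
ip dhcp snooping
ip dhcp snooping vlan 1-3
!
interface GigabitEthernet1/0/1
 description Uplink to distribution
 switchport mode trunk
 switchport trunk allowed vlan 1-3
 ip dhcp snooping trust
!
interface GigabitEthernet1/0/24
 description Access point - SSID VLANs only
 switchport mode trunk
 switchport trunk allowed vlan 1-3
 ip dhcp snooping limit rate 15
 spanning-tree portfast trunk
 spanning-tree bpduguard enable
!
! L3/L4 policy for the Visitor SSID, applied where the wireless VLAN terminates:
! guests get DHCP, DNS and the web, and nothing inside the (assumed) campus range
ip access-list extended VISITOR-IN
 permit udp any any eq bootps
 permit udp any any eq domain
 deny   ip any 10.0.0.0 0.255.255.255
 permit tcp any any eq 80
 permit tcp any any eq 443
 deny   ip any any log
!
interface Vlan3
 description Visitor SSID
 ip address 192.0.2.1 255.255.255.0
 ip access-group VISITOR-IN in
```

The point of applying the ACL at the VLAN interface rather than in the WLAN system is the one the slide makes: the wired policy holds even if the wireless side is misconfigured or a rogue AP is bridged onto the same VLAN.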

Page 75

Wireless Security Policy Assignment

• The centralized architecture provides a consolidated point for policy enforcement
• Policy may be based on:
  WLAN SSID accessed
  Associated AP (i.e. location)
  User authentication
  Client device security "posture" (i.e. NAC)

Page 76

What is Wireless IDS?

• Wireless Intrusion Detection permits the detection of malicious or non-malicious security events on the WLAN:
  Rogue AP detection
  Denial-of-Service detection
  WLAN exploit signature analysis
  RF interference detection
• Detection of attempts to access the WLAN network, and of attempts to attract managed clients (honeypot)
• Wireless IPS (Intrusion Prevention System): adds active containment to detection

Page 77

Why Wireless IDS Matters

• Ongoing monitoring of the 802.11 network to detect:
  Unauthorized/rogue access points
  Active attacks: Denial of Service (DoS) or specific tools
  Incorrectly configured access points and clients
• Wireless IDS has become an evolving technology area
  WLAN media is unlicensed, and 802.11-compatible hardware may be easily and economically obtained
  Attack tools are more prevalent/easily acquired
  Requirement to monitor for these specific types of attacks or tools (NetStumbler, FakeAP, Wellenreiter, AirJack, Asleap, etc.)
  Manual containment (alert the administrator and let him choose a course of action) vs. auto containment

Page 78

Integrated vs. Overlay IDS Architectures

[Figure: IDS overlay sensor network: a WLAN switch serving the production APs, plus a separate IDS appliance fed by dedicated Sensor 1 and Sensor 2]

Page 79

Integrated vs. Overlay IDS Architectures (continued)

Integrated IDS architecture (Cisco WLAN Controller with Cisco 1000 Series APs):
• 100% network coverage (no hidden nodes)
• No extra hardware costs (sensors/IDS appliance)
• Single NMS (Cisco Wireless Control System)
• Location enabled

Page 80

A Complete Solution for Handling Rogues

1. Detect the rogue AP (generate an alarm)
2. Assess the rogue AP (identity, location, ...)
3. Contain the rogue AP
   Can be automated
   Multiple rogues contained simultaneously
   ACS validates that no valid clients are associated to the rogue
4. View the historical report

Page 81

Cisco WLAN Security Components

1) Identity Networking
   • Mutual authentication
   • Strong encryption
   • User policy enforcement (AAA, ACLs, QoS contracts)
2) Intrusion Protection
   • Rogue detection & location map
   • IDS attack signatures
   • Client exclusion & containment
   • Hi-res location tracking
3) Secure RF Management
   • RF bleed-over protection
   • Coverage hole correction
   • Interference avoidance
   • Hi-res location tracking
4) Secure Enterprise Mobility
   • "Follow-me" VPNs
   • Proactive Key Caching (PKC)
   • Fast Secure Roaming
5) Network Access Control
   • Host-based integrity checking
   • Anti-virus protection
   • Client remediation

Page 82

IDS Components

• Wireless IDS may be deployed in either a dedicated or an integrated manner
• With an "integrated" deployment, the radio has to time-share between 802.11 service and intrusion monitoring
  This may preclude detection of some intrusion events and of rogue AP tracking (an attack on a channel the AP is not scanning at that moment is missed)
  A dedicated WIDS server may provide additional capabilities in intrusion analysis
  NOTE: it is possible to deploy a "hybrid" WIDS system which employs dedicated monitor devices without a complete network overlay

[Figure: Integrated WIDS: access points report to the WLAN controller (or aggregation point) and to a WLAN NMS with IDS function. Dedicated WIDS: RF monitor/scanning-mode APs report to a dedicated WIDS server]

Page 83

Radio (Air/RF) Monitoring

[Figure: three-tier campus (network core, distribution and access switches); radio monitor (RM) APs at the access layer detect two rogue APs and report to the wireless controller or IDS server / WDS service acting as the aggregation point]

Page 84

Rogue AP Detection

• Rogue AP detection has multiple facets:
  Air/RF detection: detection of rogue devices by observing/sniffing beacons and 802.11 probe responses
  Rogue AP location: use of the detected RF characteristics and known properties of the managed RF network to locate the rogue device
  Wire detection: a mechanism for tracking/correlating the rogue device to the wired network (is it plugged into our LAN, or is it a neighbour's AP?)
• A WIDS may require different deployments to effectively address all of these facets
  For example, it is typically required to use a scanning-mode AP as a "rogue traffic injector" to attempt to trace the rogue's connected port: the monitor AP associates to the rogue and sends traffic that the system then looks for on the wired side

Page 85

Rogue AP Detection & Suppression

• Rogue AP detection methodology
  The WLAN system collects (via beacons and probe responses) and reports BSSID information
  The system compares the collected BSSID information against the authorized (i.e. managed AP) BSSID information
  Unauthorized APs are flagged and reported via the fault monitoring functionality
• Rogue AP suppression techniques
  Trace the rogue AP over the wired network and shut down the switch port
  Use managed devices to disassociate clients from the unauthorized AP and prevent further associations via 802.11 deauthentication frames (the same unauthenticated management frames an attacker uses for DoS, so containment must be aimed only at confirmed rogues)

Page 86

WIDS 802.11 Traffic Analysis

• Potentially service-impacting 802.11 (or non-802.11) traffic should be characterized/detected:
  Interference (white noise, Bluetooth, legacy 802.11 or other ISM-band interferers)
  Denial-of-Service exploits (association, probe, EAP)
  Reconnaissance tools (NetStumbler, etc.)
  Exploit tools (Monkey-Jack, FakeAP, etc.)
• Note that 802.11 management frames (association/authentication/probe/deauthentication) are neither encrypted nor authenticated in the current implementation
  Thus, it is not possible to eliminate the possibility of Denial of Service attacks: any station can send a deauthentication frame with a spoofed source address
  The severity of such DoS events should be characterized
  Mechanisms for securing 802.11 management messages are being considered, but will induce compatibility challenges (this work became IEEE 802.11w, which protects deauthentication and disassociation frames but not probe or association frames)

Page 87

WIDS Signature Analysis

• Per-packet examination of WLAN protocols
• Seeks specific patterns in the WLAN frame payload (e.g. the characteristic probe request contents of NetStumbler)
• Note that it may also be useful to characterize the signature traffic, i.e. source, rate, time, etc. (most of the DoS signatures on the next slide are rate thresholds rather than byte patterns)
• Requires that a database of known attack signatures be maintained
NOTE: Supported with Cisco LWAPP deployment

Page 88

WLAN Attacks & Standard Signatures

Standard signatures:

• Bcast Deauth

• NULL probe resp 1

• NULL probe resp 2

• Assoc flood

• Reassoc flood

• Probe flood

• Disassoc flood

• Deauth flood

• Res mgmt 6 & 7

• Res mgmt D

• Res mgmt E & F

• EAPOL flood

• NetStumbler 3.2.0

• NetStumbler 3.2.3

• NetStumbler 3.3.0

• NetStumbler generic

• Wellenreiter

WLAN attacks:

• FakeAP

• AP impersonation

• Spoofed deauthentication frame

• FATA-Jack

• Honeypot AP

• Monkey Jack (man in the middle)

• Management frame flood

• Broadcast deauthenticate frame

• EAPoL flood

• NetStumbler

• Wellenreiter

• Null probe response

• Valid stations, invalid SSID

• Invalid OUIs

• WEP weak IV detection
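To make the per-packet and rate-based signature analysis of the two preceding slides concrete, here is a small detection engine written for this page; it is an added example, not the deck's or Cisco's signature code. It runs a handful of the signatures listed above (broadcast deauthentication, null probe response, reserved management subtypes, unknown OUI, and the assoc/reassoc/probe/disassoc/deauth floods) over a constructed capture of 802.11 management-frame records. The flood thresholds, the OUI allow-list and the frame records are assumptions made for the example.

```python
from collections import Counter, defaultdict

BROADCAST = "ff:ff:ff:ff:ff:ff"

# 802.11 management-frame subtypes (frame-control type 0). The reserved set
# mirrors the page's "Res mgmt 6 & 7 / D / E & F" signatures; later 802.11
# amendments assigned 0xD and 0xE to Action / Action No Ack frames, so a real
# deployment trims this set to match the standard revision its clients speak.
ASSOC_REQ, REASSOC_REQ, PROBE_REQ, PROBE_RESP = 0x0, 0x2, 0x4, 0x5
DISASSOC, DEAUTH = 0xA, 0xC
RESERVED_SUBTYPES = {0x6, 0x7, 0xD, 0xE, 0xF}

# Frames per second from one source that count as a flood (assumed tuning
# values for this example, not Cisco's shipped thresholds).
FLOOD_THRESHOLDS = {
    ASSOC_REQ: ("Assoc flood", 10),
    REASSOC_REQ: ("Reassoc flood", 10),
    PROBE_REQ: ("Probe flood", 20),
    DISASSOC: ("Disassoc flood", 10),
    DEAUTH: ("Deauth flood", 10),
}

# Constructed allow-list of vendor OUIs expected in this (fictional) campus.
KNOWN_OUIS = {"00:11:22", "00:aa:bb"}


def oui(mac):
    """First three octets of a MAC address, lower-cased."""
    return mac.lower()[:8]


def analyze(frames):
    """Run the signatures over a capture and return (signature, source, detail) alerts.

    Each frame is a dict with t (seconds), subtype, src, dst and, for probe
    responses, ssid (empty/None means a null SSID element).
    """
    alerts = []
    buckets = defaultdict(Counter)      # (subtype, src) -> whole second -> frame count
    flagged_oui = set()
    for f in frames:
        st, src = f["subtype"], f["src"].lower()
        # Single-frame signatures: one alert per matching frame
        if st == DEAUTH and f["dst"].lower() == BROADCAST:
            alerts.append(("Bcast Deauth", src, "deauthentication sent to broadcast"))
        if st == PROBE_RESP and not f.get("ssid"):
            alerts.append(("Null Probe Response", src, "probe response with empty SSID element"))
        if st in RESERVED_SUBTYPES:
            alerts.append(("Res mgmt", src, "reserved management subtype 0x%X" % st))
        if oui(src) not in KNOWN_OUIS and src not in flagged_oui:
            flagged_oui.add(src)
            alerts.append(("Invalid OUI", src, "unknown vendor OUI %s" % oui(src)))
        # Rate-based signatures: count per source per whole second
        if st in FLOOD_THRESHOLDS:
            buckets[(st, src)][int(f["t"])] += 1
    for (st, src), per_second in buckets.items():
        name, limit = FLOOD_THRESHOLDS[st]
        second, count = max(per_second.items(), key=lambda kv: kv[1])
        if count >= limit:
            alerts.append((name, src, "%d frames in second %d" % (count, second)))
    return alerts


def sample_capture():
    """Constructed capture: normal client/AP traffic, then a rogue's deauth flood."""
    ap, rogue, victim = "00:11:22:33:44:55", "02:de:ad:be:ef:01", "00:aa:bb:cc:dd:ee"
    frames = [
        dict(t=0.1, subtype=PROBE_REQ, src=victim, dst=BROADCAST, ssid="corp"),
        dict(t=0.2, subtype=PROBE_RESP, src=ap, dst=victim, ssid="corp"),
        dict(t=0.3, subtype=ASSOC_REQ, src=victim, dst=ap),
    ]
    # Twelve unicast deauthentications within one second, then a broadcast one
    frames += [dict(t=5 + i * 0.05, subtype=DEAUTH, src=rogue, dst=victim) for i in range(12)]
    frames.append(dict(t=6.0, subtype=DEAUTH, src=rogue, dst=BROADCAST))
    # Probe response advertising a null SSID
    frames.append(dict(t=7.0, subtype=PROBE_RESP, src=rogue, dst=victim, ssid=""))
    return frames


if __name__ == "__main__":
    for sig, src, detail in analyze(sample_capture()):
        print("%-20s %s  %s" % (sig, src, detail))
```

The whole-second bucketing is a deliberate simplification of the sliding windows a production WIDS uses; the point of the slide that follows (characterizing source, rate and time alongside the pattern) is what the `buckets` structure carries.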

Page 89

WIDS Rogue Containment

• In addition to detection of unassociated client devices, an active mechanism for containing unauthorized wireless devices is desirable in many cases

• It is possible to issue 802.11 deauthentication packets with a “spoofed” source address to disconnect clients from the rogue device

Care should be taken in employing active session/device termination traffic

May be service impacting to the managed network or neighbor networks

Number of APs for containment is configurable; maximum of 3 concurrent containments per AP

NOTE: Supported with Cisco LWAPP deployment

Page 90

WIDS Client Exclusion

• Client Exclusion Policy may be used to exclude a client from the WLAN network

No response is issued to an excluded client's probe requests

• Client exclusion may be triggered by the following:

802.11 authentication/association failure

802.1X authentication failure

IP reuse

Web auth failure

• Client exclusion may also be manually invoked

Configurable timer, or the client may be indefinitely excluded until manually removed from the exclusion list

NOTE: Supported with Cisco LWAPP deployment

Page 91

Cisco Autonomous AP Implementation

• Integrated Wireless IDS deployment

Active 802.11 Access Points collect RF data while serving 802.11 clients, with two possible configurations:

1) AP configured for a specific channel collects data for that channel while serving clients

2) AP configured for a specific channel may jump to other (non-serving) channels while idle to collect RF information

• Dedicated Wireless IDS deployment

AP functions as a dedicated sensor to scan all channels for 802.11b/g and/or 802.11a traffic

Specialized IDS functions available via dedicated mode:

Unassociated client and wireless MAC spoofing detection

Man-in-the-middle attack detection (TKIP/AES-CCM replay, MIC failure)

Excess management frame and EAPOL flood detection

Supported with WLSE 2.7 and 12.2(15)JA release and later

Page 92

LWAPP WIDS Implementation

• Integrated Wireless IDS deployment

WLAN serves 802.11 traffic and provides most IDS functions

• Dedicated/hybrid Wireless IDS deployment

LWAPP APs may be deployed in one of 3 modes:

Local: serves 802.11 traffic and monitors

Monitor: monitors 802.11 traffic on all channels

Rogue Detector: monitors wired + 802.11 traffic

Monitor mode permits full-time monitoring of all 802.11 channels for signature detection, etc.

Rogue Detector mode permits wired network correlation of rogue AP devices (via ARP sniffing)

Page 93

Cisco LWAPP: Locate Rogue AP (High Resolution)

Page 94

Cisco LWAPP: Map Rogue AP

Page 95

Cisco LWAPP: Rogue Containment

• Rogue AP, rogue client, or ad-hoc client may be contained by the controller issuing unicast deauthentication packets

Maximum number of APs participating in containment is configurable

Maximum of 3 concurrent containments may operate on a single LWAPP AP

Containment policy may be set to “alarm only” or “auto contain”

Rogue client devices may be authenticated to a RADIUS (MAC address) database

Maximum time for auto-containment is configurable
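The limits on this slide (configurable number of containing APs, at most 3 concurrent containments per LWAPP AP, an “alarm only” versus “auto contain” policy, MAC-database lookup for rogue clients, and a maximum auto-containment time) combine into a small scheduling problem on the controller. The following is an added example of that decision logic, written for this page and not taken from the deck or from Cisco's controller software. It only decides which managed APs are assigned to which rogue; the constants other than the per-AP limit, the AP names, RSSI values and MAC addresses are constructed for the example.

```python
from collections import Counter

MAX_CONCURRENT_PER_AP = 3        # from the slide: at most 3 concurrent containments per LWAPP AP


class ContainmentPolicy:
    """Controller-side containment decisions for detected rogue devices.

    mode is "alarm_only" or "auto_contain"; max_aps_per_rogue and
    max_auto_contain_s stand in for the configurable limits the slide names
    (the default numbers below are assumptions, not WLC defaults).
    """

    def __init__(self, mode="alarm_only", max_aps_per_rogue=2,
                 max_auto_contain_s=3600, radius_mac_db=()):
        if mode not in ("alarm_only", "auto_contain"):
            raise ValueError("unknown containment policy: %s" % mode)
        self.mode = mode
        self.max_aps_per_rogue = max_aps_per_rogue
        self.max_auto_contain_s = max_auto_contain_s
        self.radius_mac_db = {m.lower() for m in radius_mac_db}   # MAC-authenticated clients
        self.active = {}        # rogue id -> {"aps": [...], "started": seconds}

    def evaluate(self, rogues, now):
        """Apply the policy to the current rogue list.

        rogues: list of dicts {id, kind ('ap'|'client'|'adhoc'), mac,
        detectors: {ap_name: rssi_dbm}}.  Returns (alarms, containments).
        """
        alarms = []
        present = {r["id"] for r in rogues}
        # Drop containments whose rogue vanished or whose maximum time elapsed
        for rid in list(self.active):
            if rid not in present or now - self.active[rid]["started"] >= self.max_auto_contain_s:
                del self.active[rid]
        load = Counter(ap for st in self.active.values() for ap in st["aps"])
        for r in rogues:
            if r["kind"] == "client" and r["mac"].lower() in self.radius_mac_db:
                continue            # known client per the RADIUS MAC database: not a rogue
            alarms.append((r["id"], "rogue %s detected" % r["kind"]))
            if self.mode != "auto_contain" or r["id"] in self.active:
                continue
            # Prefer the APs that hear the rogue loudest, subject to per-AP slots
            chosen = []
            for ap, _rssi in sorted(r["detectors"].items(), key=lambda kv: kv[1], reverse=True):
                if load[ap] < MAX_CONCURRENT_PER_AP:
                    chosen.append(ap)
                    load[ap] += 1
                if len(chosen) == self.max_aps_per_rogue:
                    break
            if chosen:
                self.active[r["id"]] = {"aps": chosen, "started": now}
            else:
                alarms.append((r["id"], "no AP with free containment slots"))
        return alarms, {rid: list(st["aps"]) for rid, st in self.active.items()}


def sample_rogues():
    """Constructed detection report: four rogue APs heard by two managed APs, one known client."""
    seen = {"ap1": -40, "ap2": -60}
    rogues = [dict(id="r%d" % i, kind="ap", mac="02:00:00:00:00:%02x" % i, detectors=dict(seen))
              for i in range(1, 5)]
    rogues.append(dict(id="c1", kind="client", mac="00:aa:bb:cc:dd:ee", detectors=dict(seen)))
    return rogues


if __name__ == "__main__":
    policy = ContainmentPolicy("auto_contain", radius_mac_db=["00:aa:bb:cc:dd:ee"])
    alarms, containments = policy.evaluate(sample_rogues(), now=0)
    print(alarms)
    print(containments)
```

With two managed APs and two containing APs per rogue, the per-AP limit of 3 means only three rogues can be auto-contained at once; the fourth raises an alarm instead of silently being skipped, which is the behaviour an operator would want to see when capacity runs out.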

Page 96

Cisco LWAPP: Rogue AP Detection and Containment

Page 97

Cisco LWAPP: Monitor > Wireless > Rogue APs > Edit

Page 98

Rogue Containment: 2 AP Containment

[Diagram: the Controller directs two managed APs to send spoofed broadcast deauthentication frames against the rogue AP]

Page 99

NEW: Cisco IDS/IPS Sensor Integration, Client Shunning (WLC 4.0 Release)


Page 100

Cisco Unified Wireless Network Software Release 4.0

• Security: Cisco Unified IDS/IPS

• Cisco is the 1st vendor to provide an integrated wireline and wireless security solution

Supports and complements the Cisco Self-Defending Network

Cisco leads the industry with a holistic approach to security: at the wireless edge, wired edge, and WAN edge through the data center

When a trusted client acts maliciously (i.e. tries to hack into personnel or financial servers), Cisco's IDS detects the attack and initiates a “Client block” or shun request, which WLAN controllers can act on

Page 101

Cisco Intrusion Prevention System: Stops Worms and Malicious Traffic

Cisco Intrusion Prevention System v5.0

Accurate Inline Prevention Technologies: increases accuracy and confidence for inline mitigation actions

Multivector Threat Identification: achieves maximum attack identification via multiple analysis techniques

Comprehensive Deployment Solutions: provides a range of reliable high-performance solutions

Unique Network Collaboration: leverages the network for enhanced scalability and resiliency

Page 102

IDS Event and Client “Shunning”

• Upon trigger of the IPS system, e.g., from a known type of exploit (Nimda, Sasser, TCP stack exploit, etc.), activate a “Shun” or client block event

• A shun event can be invoked either inline or offline

Wireless “shun” is invoked at the controller via the offline mechanism

Controller periodically (configurable interval) polls CIDS for client block events

• Invokes client exclusion (blacklisting) at the Cisco Controller

Client remains in blocked state until CIDS removes the block and the exclusion times out at the controller
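The client exclusion slide (Page 90) and the IDS shunning flow above describe one controller-side mechanism with two entry points: exclusion triggered by authentication failures or by an operator, and exclusion triggered by a client-block event the controller picks up when it polls the IDS sensor. The following is an added example of that exclusion list, written for this page rather than taken from the deck or from Cisco's controller code. It models a timed or indefinite exclusion, the suppression of probe responses to excluded clients, and the rule that an IDS-shunned client stays blocked until the sensor drops the block and the controller's timer then expires. The failure thresholds, timeout and MAC addresses are assumptions made for the example.

```python
from collections import Counter, defaultdict

# Failures from one client that trigger exclusion, one counter per trigger.
# The thresholds are assumed tuning values for this example, not WLC defaults.
TRIGGER_THRESHOLDS = {
    "dot11_auth_assoc_fail": 5,    # 802.11 authentication / association failure
    "dot1x_auth_fail": 3,          # 802.1X authentication failure
    "ip_reuse": 1,                 # client used an IP address already in use
    "web_auth_fail": 3,            # web authentication failure
}


class ClientExclusion:
    """Controller-side exclusion list with timed and indefinite entries."""

    def __init__(self, timeout_s=60):
        self.timeout_s = timeout_s
        self.failures = defaultdict(Counter)    # mac -> trigger -> count
        self.excluded = {}                      # mac -> {"reason", "expires"} (None = indefinite)
        self.ids_blocked = set()                # MACs the IDS sensor currently asks to block

    def record_failure(self, mac, trigger, now):
        """Count a failure; returns True when it pushed the client into exclusion."""
        mac = mac.lower()
        self.failures[mac][trigger] += 1
        if self.failures[mac][trigger] >= TRIGGER_THRESHOLDS[trigger]:
            self.exclude(mac, trigger, now)
            return True
        return False

    def exclude(self, mac, reason, now, indefinite=False):
        """Add (or refresh) an exclusion; manual exclusions may be indefinite."""
        mac = mac.lower()
        self.failures.pop(mac, None)
        self.excluded[mac] = {"reason": reason,
                              "expires": None if indefinite else now + self.timeout_s}

    def remove(self, mac):
        """Operator removes the client from the exclusion list."""
        self.excluded.pop(mac.lower(), None)

    def poll_ids(self, block_list, now):
        """Periodic (configurable-interval) poll of the IDS sensor's client-block list.

        Each poll refreshes the exclusion timer of every blocked MAC, so the
        client stays excluded until the sensor drops the block and the timer
        then runs out at the controller.
        """
        self.ids_blocked = {m.lower() for m in block_list}
        for mac in self.ids_blocked:
            self.exclude(mac, "ids_shun", now)

    def is_excluded(self, mac, now):
        mac = mac.lower()
        entry = self.excluded.get(mac)
        if entry is None:
            return False
        if mac in self.ids_blocked or entry["expires"] is None:
            return True
        if now >= entry["expires"]:
            del self.excluded[mac]          # timer expired: client may rejoin
            return False
        return True

    def answer_probe(self, mac, now):
        """Excluded clients get no probe response."""
        return not self.is_excluded(mac, now)


if __name__ == "__main__":
    ce = ClientExclusion(timeout_s=60)
    for t in range(5):
        ce.record_failure("00:aa:bb:cc:dd:ee", "dot11_auth_assoc_fail", now=t)
    print("excluded at t=10:", ce.is_excluded("00:aa:bb:cc:dd:ee", 10))
    print("excluded at t=70:", ce.is_excluded("00:aa:bb:cc:dd:ee", 70))
```

Refreshing the timer on every poll is the simplest way to express the “until CIDS removes the block and the exclusion times out” rule: while the sensor keeps reporting the block the expiry keeps moving forward, and once the block disappears the last-set expiry counts down on its own.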

Page 103

Adding the Cisco IDS Sensor in Controller

The TLS certificate “fingerprint” of the Cisco IDS sensor is configured on the Controller and used to secure (TLS-encrypt) the communication between the Controller and the polled sensor

Page 104

IDS Detection Event

As a result of Signature Detection, a “Client Block” may be requested as the event action from the IDS sensor

Page 105

IDS event and Client Shunning

[Diagram: a wireless client sends malicious traffic through the AP and Cisco Controller into the Enterprise Network; a wired 4200 Series IDS sensor performing deep packet inspection on the controller's wired interfaces raises a Client Block event, which the Controller retrieves and turns into a shun]

1. Client to AP/Controller

2. Controller to IDS (sensor monitoring controller wired interfaces)

3. Client Block event at sensor, retrieved by Controller

Page 106

IDS Host Block/ Client Shun

Client Blocking/ Client Exclusion Event

Page 107

Management Frame Protection


Page 108

Management Frame Protection (MFP)

Problem: There is no “physical security” for wireless, and management frames are not authenticated, encrypted, or signed

Solution: Insert a signature (MIC) into the management frames

– AP beacons

– Probe Requests/Responses

– Associations/Re-associations

– Disassociations

– Authentications/De-authentications

– Action Management Frames

[Diagram: an attacker spoofing managed AP1 (MAC addr A.B.C.D) sends a Disassociation frame; the frame carries no valid signature and is discarded]

• If management frames do not have a valid signature, the infrastructure can alert/discard and clients will be able to discard

Page 109

Management Frame Protection Function

• A solution for clients and infrastructure (APs)

• Clients and APs add a MIC (signature) into every management frame

• Anomalies are detected instantly and reported to Controller/WCS

E.g. no threshold or rate checks are required to detect anomalies

[Diagram: management frames exchanged between an MFP-protected AP and an MFP-protected client]

FUTURE: CCXv5

Page 110

What are the benefits of MFP?

• Protection: for rogue AP, man-in-the-middle exploits, and other management frame attacks

• Prevention: will be available with clients capable of decrypting the signature

• Integration with other Cisco Security Monitoring solutions in order to characterize “attack vectors” (rules-based correlation)

• Cisco Security Leadership and Innovation

Page 111

MFP Anomaly as Detected by Controller

Anomaly types:

• Invalid MIC

• Invalid Timestamp/Sequence Count

• No MIC

• Unexpected MIC

Reported with each anomaly event:

• Number of anomalies detected

• BSSID of anomaly

• IP Address/BSSID/interface on which the anomaly was detected

• Frame subtype(s) which had detected anomalies

• Period over which this event is reporting
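The MFP slides (Pages 108 to 111) describe the mechanism in outline: the AP inserts a MIC into each management frame, and the controller classifies frames as Invalid MIC, Invalid Timestamp/Sequence Count, No MIC or Unexpected MIC and reports those counts per BSSID, subtype and period. The following is an added example, written for this page, that implements that outline on constructed frame records; it is not Cisco's MFP wire format or algorithm. A truncated HMAC-SHA256 over the subtype, addresses, timestamp, sequence count and body stands in for the real MIC, the timestamp skew limit is an assumption, and the keys and MAC addresses are constructed. Each of the four anomaly classes is exercised, including the replay case that a sequence count is there to catch.

```python
import hashlib
import hmac
import struct
from collections import defaultdict


def _mac_bytes(mac):
    return bytes.fromhex(mac.replace(":", ""))


def _protected_bytes(frame, ts, seq):
    """Serialise the fields the MIC covers: subtype, addresses, timestamp, sequence, body."""
    return (struct.pack("!B", frame["subtype"])
            + _mac_bytes(frame["src"]) + _mac_bytes(frame["dst"]) + _mac_bytes(frame["bssid"])
            + struct.pack("!II", ts, seq)
            + frame.get("body", b""))


def _mic(key, frame, ts, seq):
    # Truncated HMAC-SHA256 stands in for the real MIC algorithm (assumption for this example)
    return hmac.new(key, _protected_bytes(frame, ts, seq), hashlib.sha256).digest()[:8]


def sign(frame, key, ts, seq):
    """Return a copy of the frame carrying an MFP element (timestamp, sequence count, MIC)."""
    out = dict(frame)
    out["mfp"] = {"ts": ts, "seq": seq, "mic": _mic(key, frame, ts, seq)}
    return out


class MfpValidator:
    """Classifies management frames the way the slides describe the controller doing it."""

    def __init__(self, keys, max_skew_s=5):
        self.keys = {b.lower(): k for b, k in keys.items()}   # MFP-enabled BSSID -> MIC key
        self.max_skew_s = max_skew_s                          # assumed timestamp tolerance
        self.last_seq = {}                                    # BSSID -> last accepted sequence count
        self.anomalies = defaultdict(list)                    # BSSID -> [(seen_at, subtype, kind)]

    def check(self, frame, now):
        """Return None for a valid frame or the anomaly name the controller would report."""
        bssid = frame["bssid"].lower()
        key = self.keys.get(bssid)
        el = frame.get("mfp")
        kind = None
        if key is None:
            if el is not None:
                kind = "Unexpected MIC"          # MIC on a frame from a BSSID not enabled for MFP
        elif el is None:
            kind = "No MIC"                      # MFP-enabled BSSID, but the frame is unsigned
        elif not hmac.compare_digest(_mic(key, frame, el["ts"], el["seq"]), el["mic"]):
            kind = "Invalid MIC"                 # forged or tampered frame
        elif abs(now - el["ts"]) > self.max_skew_s or el["seq"] <= self.last_seq.get(bssid, -1):
            kind = "Invalid Timestamp/Sequence Count"   # stale frame or replay of a captured one
        else:
            self.last_seq[bssid] = el["seq"]
        if kind is not None:
            self.anomalies[bssid].append((now, frame["subtype"], kind))
        return kind

    def report(self, bssid):
        """Summarise one BSSID's anomalies in the fields the slide lists."""
        events = self.anomalies.get(bssid.lower())
        if not events:
            return None
        return {
            "bssid": bssid.lower(),
            "count": len(events),
            "kinds": sorted({e[2] for e in events}),
            "subtypes": sorted({e[1] for e in events}),
            "period": (events[0][0], events[-1][0]),
        }


if __name__ == "__main__":
    key = b"constructed-example-mfp-key"
    ap, sta = "00:11:22:33:44:55", "00:aa:bb:cc:dd:ee"
    v = MfpValidator({ap: key})
    deauth = {"subtype": 0xC, "src": ap, "dst": sta, "bssid": ap, "body": b"\x00\x07"}
    print(v.check(sign(deauth, key, ts=1000, seq=1), now=1001))   # valid: None
    print(v.check(deauth, now=1002))                               # unsigned: No MIC
    print(v.report(ap))
```

Because every frame is checked individually, a single spoofed disassociation from an attacker who does not hold the key is reported on the first frame, which is the point the "no threshold or rate checks required" bullet on Page 109 makes; the rate-based signatures of the earlier WIDS slides remain necessary only for frames MFP cannot cover.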

Page 112

Summary

• WPA, WPA2, or Cisco TKIP along with an EAP protocol solution is recommended for WLAN security deployment

Choose the EAP protocol that best suits your deployment environment

Consider the trade-off between security strength and ease of deployment

• Segment the wireless network along the same lines as the wired network and use the same access restrictions

• Implement wired security features as well as Wireless IDS, both to detect wireless intrusion and to protect the network against Layer 2+ exploits

• Enable Security Policy Monitoring with WLAN Management

Enable WIDS features with the appropriate WLAN deployment according to the WIDS needs in your deployment

Proactively monitor and respond to security threats


Page 114

Reference URLs

• Cisco Aironet Security Web site
http://www.cisco.com/en/US/netsol/ns339/ns395/ns176/ns178/networking_solutions_package.html

• WEP Vulnerabilities
http://www.cs.umd.edu/~waa/class-pubs/rc4_ksaproc.ps
http://www.cs.rice.edu/~astubble/wep/wep_attack.pdf
http://airsnort.sourceforge.net/

• Cisco Response to Dictionary attacks on Cisco LEAP
http://www.cisco.com/warp/public/707/cisco-sn-20030802-leap.shtml
http://www.cisco.com/en/US/products/hw/wireless/ps430/prod_bulletin09186a00801cc901.html

• Latest CCX Information
http://www.cisco.com/en/US/partners/pr46/pr147/partners_pgm_partners_0900aecd800a7907.html

• Cisco ACS deployment guide for WLAN networks
http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_white_paper09186a00801495a1.shtml